diff options
Diffstat (limited to 'machines')
| -rw-r--r-- | machines/helium.nix | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/machines/helium.nix b/machines/helium.nix index dda6569..564dd28 100644 --- a/machines/helium.nix +++ b/machines/helium.nix @@ -7,7 +7,11 @@ let in { imports = [ ./users.nix ]; - security.sudo.wheelNeedsPassword = false; + security.sudo.wheelNeedsPassword = true; + security.pam.yubico.enable = true; + security.pam.yubico.debug = false; + security.pam.yubico.control = "sufficient"; # use yubikey in lieu of password + security.pam.yubico.mode = "challenge-response"; boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" @@ -39,7 +43,10 @@ in { fira fira-code fira-code-symbols ]; - environment.systemPackages = [ + environment.systemPackages = with pkgs; [ + yubioath-desktop + yubico-pam + yubikey-manager ]; nixpkgs = { |