Skip to content

This is for setting up a Yubico Passwordless Ubuntu Login or Logins

Notifications You must be signed in to change notification settings

vanderblugen/Yubico-Passwordless-Login-with-Linux

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

43 Commits
 
 
 
 
 
 

Repository files navigation

Yubico Passwordless Ubuntu Login

This is for setting up a Yubico Passwordless Login with Linux.

This has also been tested on Ubuntu and Raspberry Pi OS.

This setup is not for the Yubico key's alone and can be used with other FIDO keys.

This is a fairly straight forward implementation.

After this installation the key isn't required but the software will be a sufficient attempt and if the key isn't available then the password is required. It even gives the key option during sudo access.

Please keep in mind that I did not come up with all of the information from this but did copy a large portion of it from AskUbuntu

This is a modification on the original Yubico instructions found here.

Install needed software to interface with the Yubico Key

sudo apt install libpam-u2f -y

Create a mappings file

Run this for each user. Update USERNAME with the username of the appropriate user. This script is contained in buttonpress.sh.

sudo -v
echo Enter the PIN if required then Press the button
sudo sh -c "pamu2fcfg -u USERNAME >> /etc/u2f_mappings"

Modify the file

The /etc/u2f_mappings file is going to need to be edited

sudo nano /etc/u2f_mappings

Note these things when editing the file

  • Each user should have it's own line in the file
  • Single user with multiple keys is layed out
    • USERNAME:KEY:KEY:KEY

This finalizes the installation

Run update-mapping.sh.

  • It does modify key authentication files for your system
  • Run only once.

Enjoy

If anyone wants to contribute please reach out.