The One and the Many

Using a YubiKey for SSH authentication

This is a guide for using a YubiKey for SSH authentication.

There are plenty of guides about how to do this. I find they focus too much on GPG and management of GPG keys. If you don't care about GPG except as an avenue to SSH authentication, then this guide is for you.

I've written this guide for Debian GNU/Linux. The instructions will likely work with minor tweaks for other distributions.

Steps

You'll want to do this as well:

If you find gpg-agent isn't prompting you for your PIN in a nice way, you might also want to do these:

Gotchas

gpg: OpenPGP card not available: No SmartCard daemon

Install scdaemon.

gpg: OpenPGP card not available: No such device

Install pcscd.

sign_and_send_pubkey: signing failed: agent refused operation

Run gpg-connect-agent updatestartuptty /bye.

References and other guides

Back

Comment