• Yubikey Handbook
  • Introduction
    • About the author
  • Personal Identity Verification (PIV)
    • Use cases for a PIV-enabled Yubikey
    • Yubikey PIV Manager
  • Device initialization
  • Authenticating SSH with PIV and PKCS#11 (client)
    • Troubleshooting
  • Authenticating SSH via User Certificates (server)
    • Generating the Key Revocation List (KRL)
  • Authenticating SSH Host Certificates (client)
    • Additional resources
  • 2FA via Yubico OTP (server)
    • Setting up a remote server
      • Prerequisites (demonstration only)
      • Configuring OpenSSH (sshd) for 2FA authentication
      • Installing libpam-yubico
      • Creating the Yubikey PAM authentication policy
      • Yubikey authentication module
    • Testing
  • OATH (TOTP and HOTP)
    • Using the Yubico Authenticator
  • U2F (Security Keys)
  • Docker Content Trust
    • Key Management
    • Running Notary services
      • Configuring Notary
      • Managing certificates
      • Additional resources
    • Pushing a signed Docker image
      • Generate the root key on the Yubikey
      • Pushing the image
    • Listing signed images on a remote repository
    • Delegation roles
      • Generating a delegation key
      • Importing a delegation certificate
      • Using a delegation key
      • Automating image signing on CI systems
    • Removing a delegation key
    • Rotating a key
      • Snapshot key
      • Timestamp key
      • Targets key
    • Threshold validation signing
  • OpenPGP
    • Touch protection
      • Enabling touch protection
    • Importing keys
    • Editing metadata
    • Git signing
      • Signing tags
      • Verifying tags
      • Signing commits
      • Verifying commits
      • Signing merges
      • Signing pushes
    • Authenticating SSH with GPG
    • Troubleshooting
      • gpg failed to sign the data
  • macOS integration
    • Offline authentication using HMAC-SHA1 Challenge-Response
      • Configuring HMAC-SHA1 Challenge-Response
    • Login and keychain authentication
      • Managing pairing
Powered by GitBook

Additional resources

Additional resources

  • How I've set up SSH keys on my Yubikey 4 (so far)
  • How to Harden SSH with Identities and Certificates
  • Scalable and secure access with SSH

results matching ""

    No results matching ""