Yubikey-as-SSH-Key

0. Intro

FIDO2 is available in OpenSSH 8.2 version, which is much more convenience then OpenPGP.

1. Prequisites

• A Yubikey Device, or other device support FIDO2.

2. Config Identities

(1). Generate keys with Resident Mode

ssh-keygen -t ed25519-sk -O resident -f ~/.ssh/id_ ed25519-sk

(2). Upload Private Key to Server

2. Using FIDO2

(1). Identify Private Key

ssh-add -K

(2). Check the Key Loaded

ssh-add -L

REF

[1].https://blog.bloade.com/2022/03/20/%E4%B8%BAopenssh%E9%85%8D%E7%BD%AEfido2%E8%AE%A4%E8%AF%81/