# Anyone using a YubiKey for SSH authentication?



## MannDude (Jul 9, 2013)

Got a YubiKey in the mail yesterday which was required for a temporary job I am doing, but I don't know much about them. Looking around, I don't see any easy to follow guide on how to get it working with SSH authentication, though I imagine it's doable considering I use it to login to a corporate VPN.

Anyone wanna right up a guide or point me in the right direction?


----------



## kaniini (Jul 9, 2013)

You have to know the key that is enrolled into the yubikey.  IIRC, it's just TOTP though.

I guess you could enroll another key into the yubikey after your job completes, but you won't be able to use it for both at the same time without knowing the enrolled key.


----------



## MannDude (Jul 9, 2013)

Ah, I see. Either way, a neat device. I'll probably order one in the future for my own personal use then.


----------



## mikho (Jul 9, 2013)

If you are interested in 2 factor authentication take a look at phonefactor.


Usable with sshd and websites, even rdp and the phonecall is free in many countries.


----------



## jarland (Jul 9, 2013)

This looks promising: http://code.google.com/p/yubico-pam/wiki/YubikeyAndSSHViaPAM

I use Duo (free on phone) for 2 step auth for wordpress & ssh, but only on low priority stuff as I really don't know if tomorrow it becomes a liability. I like that my phone pops up and requests my permission to log in to things.


----------



## wlanboy (Jul 9, 2013)

Google authenticator with QR code is quite nice:




But I don't want to rely on google services. Still searching for a self-hosted GPL solution.


----------



## wdq (Jul 9, 2013)

I also use Google Authenticator to secure SSH. It's nice to be able to have all of my SSH codes, as well as the codes for different online services including Gmail all in one app.


----------

