Conversation
|
Cool. It would be nice to have some instructions. |
nrdxp
force-pushed
the
yubikey
branch
2 times, most recently
from
2ebfe0a to
61e0949
Compare
|
Simple instructions are now included: rendered. Also be sure to read documentation for age-plugin-yubikey. |
|
@nrdxp Thanks for adding some docs. Do you know what the minimum version of Yubikey is required or which feature is needed to make it work? I have some Yubikeys but they are kind of old. |
|
I don't see any specific doc on yubikey versions, but I would assume that as long as your yubikey has the PIV application available that it should work. |
|
My Yubikey is way too old. It doesn't even have things called "application"s. |
|
PIN policy has been updated to work with 'never' as expected. Ideally, we would want the 'once' policy to still PIN protect the secrets, but because there is still no agent support for yubikey yet, this would ask for PIN every time. |
|
Any updates on this? Being able to use my yubi would be great as I use it for all my ssh-keys anyway. |
|
@johnae seems to be using agenix with yubikeys: https://github.com/johnae/world/blob/8cd4af5a2fc572dd7a49399cf53d862aa841d481/flake.nix#L20 Has anything happen on this topic since 2021? Still interested in this feature #186, this and https://github.com/oddlama/agenix-rekey seem related, but I'm still not sure what the way to go is here or if anything of that is supported |
|
ping @nrdxp Are you still working on this? |
Nope sorry, lost track of this one as I am no longer using agenix personally. I'll close for now, but feel free to steal anything that might be useful for another PR |
3 participants
This works!
, but is in draft mode because of str4d/age-plugin-yubikey#34, which makes usage impractical.rendered instructions