In this video we configure a Yubikey 5 NFC to work with sudo authentication.
-----------------------------------------------------------
*Commands used in this video*
Step 1:
$ sudo apt-get install libpam-u2f pamu2fcfg
Step 2:
$ pamu2fcfg -u `whoami` -opam://`hostname` -ipam://`hostname`
Copy output into "/etc/u2f_mappings"
Step 3:
$ sudo nano /etc/pam.d/sudo
Fallback mode for PAM - replace $HOSTNAME with the hostname of your computer
auth sufficient pam_u2f.so origin=pam://$HOSTNAME appid=pam://$HOSTNAME authfile=/etc/u2f_mappings cue
Require both Yubikey and password to authenticate - replace $HOSTNAME with the hostname of your computer
auth required pam_u2f.so origin=pam://$HOSTNAME appid=pam://$HOSTNAME authfile=/etc/u2f_mappings cue
To require authentication everytime sudo is ran:
$ sudo visudo
Defaults env_reset,timestamp_timeout=0
-----------------------------------------------------------
Follow me:
SecureRandom on YouTube -
null
SecureRandom on LBRY / Odysee -
https://odysee.com/@SecureRandom:1
9 Comments