SSH authentication using private key stored on YubiKeys
M
Michal Szymanski
started a topic
almost 5 years ago
Hi,
Friend of mine recommended me the Royal TS software and we are evaluating it (i started with Mac OS version) at our company, but I cannot find a way to authenticate to remote SSH servers using OpenPGP private key (auth subkey) stored on the Yubikey. We are using it widely for logins into critical SSH servers by following methods listed on Yubico site (for both Win and MacOS):
Is there a way to enable sth similar ? I always get following error message which I have already seen in the terminal if the gpg-connect-agent is not running:
Load key "/Users/You/.ssh/id_rsa_yubikey.pub": invalid format
Best Answer
F
Felix Deimel
said
almost 5 years ago
Hi Michal,
it depends on how you set up your Yubikey in macOS but it's very likely that enabling "Run inside Login Shell" in the "Advanced - Session" properties of your SSH connection will make it work.
Please try this first and let me know if it helps!
it depends on how you set up your Yubikey in macOS but it's very likely that enabling "Run inside Login Shell" in the "Advanced - Session" properties of your SSH connection will make it work.
Please try this first and let me know if it helps!
cheers,
felix
1 person likes this
M
Michal Szymanski
said
almost 5 years ago
Hi Felix,
This is cool! After I enabled 'Run inside login shell' it indeed asked me for my smartcard PIN and I was able to log into the box using the pkey from Yubikey. Thanks a lot! I hope it will work the same way under Windows.
BR,
Michal
Felix Deimel
said
almost 5 years ago
Perfect! Glad I could help!
If you need help getting this running on Windows please let us know in a new ticket.
Michal Szymanski
Hi,
Friend of mine recommended me the Royal TS software and we are evaluating it (i started with Mac OS version) at our company, but I cannot find a way to authenticate to remote SSH servers using OpenPGP private key (auth subkey) stored on the Yubikey. We are using it widely for logins into critical SSH servers by following methods listed on Yubico site (for both Win and MacOS):
https://developers.yubico.com/PGP/SSH_authentication/
Is there a way to enable sth similar ? I always get following error message which I have already seen in the terminal if the gpg-connect-agent is not running:
Load key "/Users/You/.ssh/id_rsa_yubikey.pub": invalid format
Hi Michal,
it depends on how you set up your Yubikey in macOS but it's very likely that enabling "Run inside Login Shell" in the "Advanced - Session" properties of your SSH connection will make it work.
Please try this first and let me know if it helps!
cheers,
felix
- Oldest First
- Popular
- Newest First
Sorted by Oldest FirstFelix Deimel
Hi Michal,
it depends on how you set up your Yubikey in macOS but it's very likely that enabling "Run inside Login Shell" in the "Advanced - Session" properties of your SSH connection will make it work.
Please try this first and let me know if it helps!
cheers,
felix
1 person likes this
Michal Szymanski
Hi Felix,
This is cool! After I enabled 'Run inside login shell' it indeed asked me for my smartcard PIN and I was able to log into the box using the pkey from Yubikey. Thanks a lot! I hope it will work the same way under Windows.
BR,
Michal
Felix Deimel
Perfect! Glad I could help!
If you need help getting this running on Windows please let us know in a new ticket.
thx,
felix
-
About this Forum
-
X11 forwarding
-
Royal TSX VMware connections
-
Sort items/folders in Navigation panel
-
Triggers and others changes..
-
Emulating full screen WITHOUT "Spaces"
-
Proper cred setup for smartcard RDP logon from MacOS
-
AutoFill/Login Google Drive?
-
Toggle broadcast input on/off
-
Royal TSX - Costum Keyboard Layout
See all 111 topics