I have purchased a Yubikey NFC device and have no idea what next! Believe me I have read the instructions many times but I am still lost.
I though I would start with something simple like signing into my Google account, which I have by virtue of owning an Android phone.
All I have achieved so far is that instead of just signing in to Google using my password (from my KeepassXC password app,) as usual, I have to first sign in with my KeepassXC password and then use the Yubikey device. So signing in may be more secure but it would be if I have to use two sign-in steps!
This process didn’t use the NFC caability as it was already plugged into a USB socket on my laptop. Not much progress so far.
What I hoped was to be able to put the Yubikey into another laptop and sign in to my Google account on that laptop, without having the benefit of having KeePassXC but hopefully doing it with my phone using an NFC connection. Am I expecting too much and how many steps have I got wrong?
If I can get this working I might then be able to tackle laptop login and openSUSE but one step at a time.
For Google it looks to me like 1-Step login is not possible, only a 2-Step Verification.
Not completely surprising, if it is that google is allowing you to log in with only a password it is that google has some other information on you already likely in the form of cookies.
I now have second Yubikey which I hope to register as backup device in case of lost Yubikey.
All I could manage so far is using the Yubikey as the second step sign in for Google.
There is a thread on the AskUbuntu community site which looled interesting. I thought I would follow the suggestions there, which required me installing libpam-u2f. Tried this using Yast and file not found. Strange as I have the Security repo already installed.
I think I need a bit more guidance please.
Regards,
Budge
That is what I wrote, if you ever succeed login in with Google with only a hardware token, let us know.
There is a thread on the AskUbuntu community site which looled interesting. I thought I would follow the suggestions there, which required me installing libpam-u2f. Tried this using Yast and file not found. Strange as I have the Security repo already installed.
“zypper se pam” did show me (under Tumbleweed):
| pam_u2f | U2F authentication integration into PAM | package