Differences

This shows you the differences between two versions of the page.

--- gear:yubi [2024/09/28 09:44] – Humphrey Boa-Gart
+++ gear:yubi [2024/09/28 09:54] (current) – [Two-Factor Sudo] Humphrey Boa-Gart
@@ Line 11: / Line 11: @@
 ===== Advanced Magick =====
-There are all sorts of [[https://www.yubico.com/support/download/|other official tools]] for various other things you can bolt your YubiKey into, like your login screen and enterprise networks.
+There are all sorts of [[https://www.yubico.com/support/download/|official tools]] for various other things you can bolt your YubiKey into, like your login screen and enterprise networks.
 ==== Two-Factor Sudo ====
@@ Line 21: / Line 21: @@
 First, make sure the prerequisite PAM packages are installed. On Debian/Ubuntu you can grab them all with apt. You may need to hunt them down yourself on other distros.
-  $ apt install libpam-u2f libpam-yubico pamu2fcfg
+  $ sudo apt install libpam-u2f libpam-yubico pamu2fcfg
 == Setup ==
@@ Line 34: / Line 34: @@
   - Confirm the changes work by running ''sudo echo SUCCESS'' in a second terminal window. If it works, you can close nano. If it doesn't work, you did something wrong - Revert your changes to pam.d/sudo and try again.
-You can make these same changes to other PAM configuration files such as ''/etc/pam.d/su'' and ''/etc/pam.d/sudo-i'' - Give it a shot!
+You can make these same changes to other PAM configuration files while you are at it. Repeat **Step 3** on ''/etc/pam.d/su'' and ''/etc/pam.d/sudo-i'' to enable Yubikey authentication on those commands as well!
 {{tag>Gear Security}}

User Tools

Site Tools

Differences