YubiKey
Last updated
Was this helpful?
Last updated
Was this helpful?
Guide to setup for encryption, SSH authentication and signing Git commits.
Store the passphrase of all of your SSH keys securely in iCloud Keychain, from which ssh-agent will read them on startup.
YubiKey 5 key
YubiKey Manager
YubiKey Personalization Tool
Verify a YubiKey is genuine, open a browser to https://www.yubico.com/genuine/
There is a private key file stored on your machine, but your private SSH key is a reference to the security key device itself. If your private key file on your computer is stolen, it would be useless without the security key.
Configure SSH-agent to always use the Keychain
Add the following lines to your ~/.ssh/config
file:
Any key you add to the ssh-agent using the ssh-add --apple-use-keychain ~/.ssh/[your-private-key]
command will be automatically added to the keychain, and should be automatically loaded
upon reboot.
You should be able to see the keys in the Keychain Access app, as well as from the command line via:
To auto type secret, Press and hold the Yubikey button for 3-4 seconds.
The Yubikey can be configured to type in a string when its button is long-pressed. To setup, follow blog