Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feature: age-plugin-yubikey support #46

Closed
wants to merge 5 commits into from
Closed

Conversation

nrdxp
Copy link

@nrdxp nrdxp commented Jun 5, 2021

This works! , but is in draft mode because of str4d/age-plugin-yubikey#34, which makes usage impractical.
rendered instructions

@ryantm
Copy link
Owner

ryantm commented Jun 5, 2021

Cool. It would be nice to have some instructions.

@nrdxp nrdxp force-pushed the yubikey branch 2 times, most recently from 2ebfe0a to 61e0949 Compare June 7, 2021 20:07
@nrdxp
Copy link
Author

nrdxp commented Jun 7, 2021

Simple instructions are now included: rendered.

Also be sure to read documentation for age-plugin-yubikey.

@ryantm
Copy link
Owner

ryantm commented Jun 7, 2021

@nrdxp Thanks for adding some docs. Do you know what the minimum version of Yubikey is required or which feature is needed to make it work? I have some Yubikeys but they are kind of old.

@nrdxp
Copy link
Author

nrdxp commented Jun 7, 2021

I don't see any specific doc on yubikey versions, but I would assume that as long as your yubikey has the PIV application available that it should work.

@ryantm
Copy link
Owner

ryantm commented Jun 7, 2021

My Yubikey is way too old. It doesn't even have things called "application"s.

@nrdxp nrdxp marked this pull request as ready for review August 20, 2021 15:08
@nrdxp
Copy link
Author

nrdxp commented Aug 20, 2021

PIN policy has been updated to work with 'never' as expected. Ideally, we would want the 'once' policy to still PIN protect the secrets, but because there is still no agent support for yubikey yet, this would ask for PIN every time.

@pinpox
Copy link

pinpox commented Nov 18, 2021

Any updates on this? Being able to use my yubi would be great as I use it for all my ssh-keys anyway.

@pinpox
Copy link

pinpox commented May 30, 2023

@johnae seems to be using agenix with yubikeys: https://github.com/johnae/world/blob/8cd4af5a2fc572dd7a49399cf53d862aa841d481/flake.nix#L20

Has anything happen on this topic since 2021? Still interested in this feature
🙂

#186, this and https://github.com/oddlama/agenix-rekey seem related, but I'm still not sure what the way to go is here or if anything of that is supported

@pinpox
Copy link

pinpox commented Aug 8, 2023

ping @nrdxp Are you still working on this?

@nrdxp
Copy link
Author

nrdxp commented Aug 30, 2023

ping @nrdxp Are you still working on this?

Nope sorry, lost track of this one as I am no longer using agenix personally. I'll close for now, but feel free to steal anything that might be useful for another PR

@nrdxp nrdxp closed this Aug 30, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants