YubiKey

A collection of 2 articles

SSH Authentication Using a YubiKey on Windows And the OpenSSH Client

As mentioned in ♯ Yubico for Windows, I used PuTTY/Plink instead of the OpenSSH client together with YubiKey because the OpenSSH Client does not support the socket file created by GnuPG. Plink does not work well in Windows Terminal. The Visual Studio Code SSH Remote does not support Plink as well, because it will pass some command line arguments that are not supported by Plink. So I decide to switch back to the OpenSSH client. Fortunately, the utility wsl-ssh-pageant can create a tunnel between a Windows pipe and the pageant socket, and the OpenSSH client can use the Windows pipe as SSH_AUTH_SOCK. This article is a tutorial to set up wsl-ssh-pageant.

Updated  •  2 min read

Yubico for Windows

This post records how I set up Yubico Key in Windows, so I’ll not delve into too much details. I have the model YubiKey 5 NFC. I frequently use 2 GPG keys stored in the key, one for encryption, another for SSH authentication. The GPG encryption part is simple, GnuPG just works. Using the stored GPG key for SSH is a bit complex, because it requires collaboration between GnuPG and the SSH client. After experiment many different solutions, I decide to use the simplest one, using putty/plink as the SSH client and enabling thepageant support in GnuPG. See ♯ SSH Authentication Using a YubiKey on Windows And the OpenSSH Client how to use OpenSSH client with YubiKey.

Updated  •  2 min read