Situatie

One can use a hardware security key such as YubiKey for OTP or FIDO2 for additional security on Linux to protect disks, ssh keys, password manager, web applications and more. The YubiKey Manager is available as both GUI and CLI too. One can use it for finding information about YubiKey, such as:

1. Seeing the serial number and firmware version of your YubiKey
2. Configuring FIDO2 PIN, FIDO applications, the OTP application
3. Manage YubiKey short and long slots
4. Enable and disable interfaces.

Prerequisite

Be careful with a particular option such as reset, which will delete all FIDO config, and it will lock you down using remote services or ssh keys.

Visit this page to grab the latest AppImage. One can use the wget command or curl command to download both AppImage and verification signature file. For instance:
$ wget https://developers.yubico.com/yubikey-manager-qt/Releases/yubikey-manager-qt-1.2.4b-linux.AppImage \
https://developers.yubico.com/yubikey-manager-qt/Releases/yubikey-manager-qt-1.2.4b-linux.AppImage.sig

Step 2 – Verify YubiKey Manager for Linux using the gpg

Type the following gpg command to verify signature:
$ gpg --verify yubikey-manager-qt-1.2.4b-linux.AppImage.sig

Here is what I saw on my machine:

gpg: assuming signed data in 'yubikey-manager-qt-1.2.4b-linux.AppImage'
gpg: Signature made Wed 10 AUG 2022 11:32:21 AM IST
gpg:                using RSA key E6919ABF48C484E3CB7B71CB870B88256690D8DC
gpg: Can't check signature: No public key

keyserver hkps://keys.openpgp.org

sudo cp -v yubikey-manager-qt-1.2.4b-linux.AppImage /usr/local/bin/
## OR  ##
mkdir -p ~/bin/ && cp -v yubikey-manager-qt-1.2.4b-linux.AppImage ~/bin/

'yubikey-manager-qt-1.2.4b-linux.AppImage' -> '/home/vivek/bin/yubikey-manager-qt-1.2.4b-linux.AppImage'

sudo chmod -v +x /usr/local/bin/yubikey-manager-qt-1.2.4b-linux.AppImage
## OR  ##
chmod -v +x ~/bin/yubikey-manager-qt-1.2.4b-linux.AppImage

Solutie

Tip solutie