Hacker News
by Freak_NL 2178 days ago
If you wish. You can decide if you want a passphrase on the generated key or not, just as you can with a classic SSH key. It's probably best to use a passphrase and have ssh-agent remember it for you until you shut down the computer. That way you enter your passphrase the first time you use SSH with that key after logging in, and it asks you to tap the physical U2F key, and only asks for the interaction with the physical key afterwards.

When I SSH to a host configured like this, the YubiKey U2F key I am using blinks to ask me to touch it. It's really quite neat.