|
|
|
|
|
|
by mihaigalos
1254 days ago
|
|
|
Also, I have a Google Authenticator as a fall-back in case the 1st Yubikey PAM fails or I have no access to the internet to contact the Yubico servers for token validation. Perhaps somebody can confirm if it's a good idea or not, but I like to generate only 1 emergency code for Authenticator (the least) and then delete that line in ~/.google-authenticator. Also, permissions of 400. In case interested, check it out in code here:
https://github.com/mihaigalos/config/blob/main/services/pam/... |
|
|