Setup login and sudo authentication through U2F w/ YubiKey

Signed-off-by: Mel <mel@rnrd.eu>
author: Mel <mel@rnrd.eu> 2025-06-05 03:41:32 +0200
committer: Mel <mel@rnrd.eu> 2025-06-05 03:41:32 +0200
commit: 182aa5ecdc5c6583ce9b44c5a13432bb30409fc8 (patch)
tree: bf4d0fbba4e1cc8db47238002a293bae90998e4e /modules/home
parent: bca04b418838998c183b4e087ded86856c88a062 (diff)
download: minerals-182aa5ecdc5c6583ce9b44c5a13432bb30409fc8.tar.zst
minerals-182aa5ecdc5c6583ce9b44c5a13432bb30409fc8.zip
2 files changed, 18 insertions, 0 deletions
diff --git a/modules/home/common.nix b/modules/home/common.nix
index e2b57f7..cdf8c1c 100644
--- a/modules/home/common.nix
+++ b/modules/home/common.nix
@@ -5,6 +5,7 @@
     ../foundation/home
 
     ./shell.nix
+    ./yubikeys.nix
     ./code.nix
     ./zed.nix
   ];
diff --git a/modules/home/yubikeys.nix b/modules/home/yubikeys.nix
new file mode 100644
index 0000000..266ce9d
--- /dev/null
+++ b/modules/home/yubikeys.nix
@@ -0,0 +1,17 @@
+{ ... }:
+
+let
+  keys = [
+    # username of YubiKey owner (me! :3)
+    "mel"
+    # "carnal" YubiKey
+    "7dYKqa9yw69hXwmYd61Bw0hnnxbSsASieIBmokmbAHArJexkPz+TGRVdXW2U8QiLAoe9l1QKo3jrtQxxbBiuFQ==,N7bABlRz0DvIqwxgBnTiyNZ4/JnRIRUEhVk+95h7+KtbTYdnoGnSaqiiimGQxTWxOHfpHbuii127f0HUwYPmXw==,es256,+presence"
+    # "anatomy" YubiKey
+    "//CLbB23LlMtMwefGzrMVELgTkIcfMRSjxJlQDvQ3FKRrlyPA75rosYVl5tqQbkPyed0fwsAkr1vhqPtth4GMQ==,VwxKl0ZYDmCTU02ziMigG1ZVC1MXDH9qeuBT1qplw1pt++tV32xao/yHayiRc2hvbJdJjfplQxT7mLnW90u9WQ==,es256,+presence"
+  ];
+in
+{
+  xdg.configFile = {
+    "Yubico/u2f_keys".text = builtins.concatStringsSep ":" keys;
+  };
+}
author	Mel <mel@rnrd.eu>	2025-06-05 03:41:32 +0200
committer	Mel <mel@rnrd.eu>	2025-06-05 03:41:32 +0200
commit	182aa5ecdc5c6583ce9b44c5a13432bb30409fc8 (patch)
tree	bf4d0fbba4e1cc8db47238002a293bae90998e4e /modules/home
parent	bca04b418838998c183b4e087ded86856c88a062 (diff)
download	minerals-182aa5ecdc5c6583ce9b44c5a13432bb30409fc8.tar.zst minerals-182aa5ecdc5c6583ce9b44c5a13432bb30409fc8.zip