How to install YubiKey Manager GUI on Linux

Configurare noua (How To)

Situatie

One can use a hardware security key such as YubiKey for OTP or FIDO2 for additional security on Linux to protect disks, ssh keys, password manager, web applications and more. The YubiKey Manager is available as both GUI and CLI too. One can use it for finding information about YubiKey, such as:

  1. Seeing the serial number and firmware version of your YubiKey
  2. Configuring FIDO2 PIN, FIDO applications, the OTP application
  3. Manage YubiKey short and long slots
  4. Enable and disable interfaces.

Prerequisite

Be careful with a particular option such as reset, which will delete all FIDO config, and it will lock you down using remote services or ssh keys.

Visit this page to grab the latest AppImage. One can use the wget command or curl command to download both AppImage and verification signature file. For instance:
$ wget https://developers.yubico.com/yubikey-manager-qt/Releases/yubikey-manager-qt-1.2.4b-linux.AppImage \
https://developers.yubico.com/yubikey-manager-qt/Releases/yubikey-manager-qt-1.2.4b-linux.AppImage.sig

Step 2 – Verify YubiKey Manager for Linux using the gpg

Type the following gpg command to verify signature:
$ gpg --verify yubikey-manager-qt-1.2.4b-linux.AppImage.sig

Here is what I saw on my machine:

gpg: assuming signed data in 'yubikey-manager-qt-1.2.4b-linux.AppImage'
gpg: Signature made Wed 10 AUG 2022 11:32:21 AM IST
gpg:                using RSA key E6919ABF48C484E3CB7B71CB870B88256690D8DC
gpg: Can't check signature: No public key

Let us grab the RSA key E6919ABF48C484E3CB7B71CB870B88256690D8DC. Edit your gpg.conf, run:
$ vi ~/.gnupg/gpg.conf
Append / edit (at least set Keyserver):

keyserver hkps://keys.openpgp.org

Save and close the file. Then get the key:
$ gpg --recv-keys E6919ABF48C484E3CB7B71CB870B88256690D8DC
OR
$ gpg --keyserver hkps://keys.openpgp.org --recv-keys E6919ABF48C484E3CB7B71CB870B88256690D8DC

Step 3 – Installing YubiKey Manager

Now that you verified the downloaded file, it is time to install it. Simply copy file to /usr/local/bin directory or your ~/bin/ using the cp command. For example:

sudo cp -v yubikey-manager-qt-1.2.4b-linux.AppImage /usr/local/bin/
## OR  ##
mkdir -p ~/bin/ && cp -v yubikey-manager-qt-1.2.4b-linux.AppImage ~/bin/

Outputs:

'yubikey-manager-qt-1.2.4b-linux.AppImage' -> '/home/vivek/bin/yubikey-manager-qt-1.2.4b-linux.AppImage'

Next, set up executable permission using the chmod command:

sudo chmod -v +x /usr/local/bin/yubikey-manager-qt-1.2.4b-linux.AppImage
## OR  ##
chmod -v +x ~/bin/yubikey-manager-qt-1.2.4b-linux.AppImage

Outputs:

mode of ‘/home/vivek/bin/yubikey-manager-qt-1.2.4b-linux.AppImage’ changed from 0664 (rw-rw-r–)

Solutie

Tip solutie

Permanent

Voteaza

(15 din 31 persoane apreciaza acest articol)

Despre Autor

Leave A Comment?