Subj : Re: Yubikey To : Sean Dennis From : Warpslide Date : Tue Jun 08 2021 20:07:26 On 08 Jun 2021, Sean Dennis said the following... SD> I have thought about using a Yubikey for limiting root access to my BBS SD> server. Are any of you using a Yubikey or something similar? I know SD> that Slackware supports the use of a Yubikey via third-party software. SD> If you're using one, what do you think about it? I have a few Yubikeys. All USB A and two that support NFC. I don't use any of them. I love the idea, and for about a month I had them setup on every account that supports them. GMail, Facebook, my domain registrar and DNS provider & even a wordpress site that I used to run. Some services let you check a box to "don't ask me again on this device" while others may have "don't ask me again for 30 days" which I quite like. If I've logged in from that device, chances are it's safe. I guess the problem is, I kept the yubikey on my keychain. So it's 8pm on some random Wednesday and you want to log into your webmail & then you're greeted with "press the button on your yubikey to continue". Now you have to get off the couch, go to the front door & grab your keys, walk back to your laptop, insert the yubikey & press the button, then walk back to the front door to put your keys back so that you're not looking for them in a panic the next morning. All-in-all, a very 1st-world problem that after awhile just made it not worth it for me. I use Google Authenticator for everything that supports it, that way I can just grab my phone which is usually with me to enter the codes, or even use a desktop client that also supports TOTP codes if you don't want to use your phone. I've used tutorials for Debian/Ubuntu for adding Google Auth support to SSH, Slackware may support it as well: https://ubuntu.com/tutorials/configure-ssh-2fa#1-overview Maybe if you usually log into your server from the same computer and had the Yubikey handy at that computer the experience may be better. Jay --- Mystic BBS v1.12 A46 2020/08/26 (Raspberry Pi/32) * Origin: Northern Realms (618:500/23) .