You did not says what method you are using. https://developers.yubico.com/SSH/ lists 4 different ways to use the Yubikey: PIV, PGP, FIDO U2F and OTP. In PIV section: https://developers.yubico.com/PIV/Guides/SSH_user_certificates.html It says: "If you have followed these steps to the letter, you will not be asked for the PIV PIN, but your YubiKey will start blinking, waiting for touch." Note the "--pin-policy=never --touch-policy=always" On 7/10/2020 3:38 PM, Frank Sharkey wrote:
I set up the YubiKey with OpenSSH 8.2 (Ubuntu client and server) and it works. However, it does not do PIN enforcement at SSH login. It only requests the PIN during the set-up process (when the key is being generated). Is that the way it's supposed to work? Frank _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
-- Douglas E. Engert <DEEngert@xxxxxxxxx> _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
