Note:
This documentation has moved to a new home! Please update your bookmarks to the new URL for the up-to-date version of this page.
It might be worth adding some further documentation on using FIDO2 resident keys - so then the authenticator would be the primary factor rather than a second factor, and the authenticator would be portable without requiring the private key file to be moved around.
I didn’t describe resident keys because my yubikey doesn’t support that.
Hi, I added a section about resident keys, testing the commands on my FIDO2 keys. The contents are in part taken from the OpenSSH 8.2 release notes (https://www.openssh.com/releasenotes.html), which have a very clear section on resident keys, but I changed/moved/simplified a few things.
If we’re all happy with the section I added we can delete the review comments.
1 Like
Why does the documentation still say “sudo systemctl restart sshd.service” when Ubuntu 24.04 returns this “Failed to restart sshd.service: unit sshd.service not found.” Why isn’t the non-transparent socket access clearly explained here?