2

SSH + Yubikey Usage

Eclypsed edited this page 2025-12-16 19:35:53 +00:00

Table of Contents

• Retrieving the key to a new machine

I use a Yubikey to store my ssh keys as a physical hardware key.

Retrieving the key to a new machine

1. Plug in the yubikey and make sure yubikey manager is installed (temporarily install it with nix-shell -p yubikey-manager)
2. Run ssh-keygen -K to generate the id_ed25519_sk_rk.pub and id_ed25519_sk_rk files in the current directory.

To add the key to the ssh-agent (ephemeral):

eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_ed25519_sk_rk # Or whatever the path to the private key is

Or, to permanently add it to the agent, add the following to ~/.ssh/config:

Host *
  AddKeysToAgent yes
  IdentityFile ~/.ssh/id_ed25519_sk_rk