How to set a FIDO2 PIN on the SoloKey v2

Officially a FIDO2 device exposes APIs that the fido2-token CLI application as part of the fido2-tools package on Fedora Linux can use to modify a security tokens FIDO2 PIN. As...

GNOME keyring unlock when using password-less login to Fedora Linux Workstation

While I detailed how to use the YubiKey security token for a variety of things I want to revisit hardware token usage as login factor for GNOME sessions as those...

OpenSSH key management with YubiKey PIV and FIDO2

As my SSH keys for both work and private infrastructure are quite valuable to me I like to have those as secure as fairly possible. The YubiKey provides two features...

Maintaining a staging environment with nightly Btrfs snapshots

A staging environment is a near-production environment where updates and changes are tested before role-out in production. All my servers run on Btrfs and Btrfs makes managing snapshots easy. Together...

Using a YubiKey for authentication at a Fedora Linux Workstation

Let me tell you how to configure a YubiKey 5C NFC and Linux PAM to authenticate in all cases PAM is used and you’d like to use a YubiKey. This...

Exploring the use of YubiKeys in Fedora Linux

I’m currently exploring the use-cases for YubiKeys in the context of my role as CTO at othermo GmbH. As most of my day-job work feeds back into my personal life...

Safe automatic decryption of LUKS partition using TPM2

In this article I demonstrate and explain how to safely decrypt a LUKS encrypted disk automatically using a TPM2 chip, the clevis package and initramfs. This article is meant for...