Skip to content

Instantly share code, notes, and snippets.

@vladak

vladak/solokey-ssh.md

Last active October 2, 2024 19:33
Show Gist options
  • Save vladak/e2ed576633887d54522146332f664fcb to your computer and use it in GitHub Desktop.
Save vladak/e2ed576633887d54522146332f664fcb to your computer and use it in GitHub Desktop.
Download ZIP
Solokey setup for SSH
Raw
solokey-ssh.md

This is meant for Ubuntu 20.04.4 LTS and Solokey Somu

The purpose of the key is backup key (in case all my Yubikeys and smart phone get lost), hence the resident SSH key and 2FA setup for the Github account.

Initial setup

python3 -m venv env
. ./env/bin/activate
pip install solo1
  • update the firmware (I had to try twice to get the firmware updated successfully). This is needed to successfully generate the ed25519-sk SSH key.
solo1 key update
  • list the key
solo1 ls
  • set the PIN (requires a workaround for solokeys/solo1-cli#156 - different way of installing the solo1 Python package than above)
solo1 key set-pin
  • generate the SSH keys:
ssh-keygen -t ed25519-sk -O resident -f ~/altssh/id_ed25519_sk_solo
  • register the SSH public key on Github
  • register the Solokey as 2nd factor on Github

Recovery

To recover the SSH key pair:

ssh-keygen -K

This will generate the files with public key and private key handle in the current directory (named id_ed25519_sk_rk{,.pub}). The process will require the PIN set above.

Useful links

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment