Yubikey on Arch

This article was published 3 years ago. Due to the rapidly evolving world of technology, some concepts may no longer be applicable.

Just a quick guide how to get a Yubikey working on Arch Linux.

Enable the udev rules to access the Yubikey as a user.

echo 'KERNEL=="hidraw*", SUBSYSTEM=="hidraw", MODE="0664", GROUP="users", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="f1d0"' | sudo tee /etc/udev/rules.d/10-security-key.rules

Install the U2F module to provide U2F support in Chrome

sudo pacman -S libu2f-host

Enable pcscd (the system smart card daemon)

sudo systemctl enable pcscd.service

Install the personalization GUI

yaourt -S yubikey-personalization-gui-git

Reboot so that the udev rules take effect and pcscd starts (you could use udevadm trigger and systemctl start pcscd.service here, but I like to reboot)

Run yubikey-personalization-gui and configure slot 1 as a OTP slot and slot two as a static password

Thoughts on this post

Thanks for this post, I am an Arch n00b and got my yubikey 2fa working like a charm!

[…] Update – On Arch Linux it was not working out of the box. I had to follow the instructions from https://michaelheap.com/yubikey-on-arch/ […]

Robbie 2019-11-14

I recently installed Arch and just needed my Yubikey to work in Chrome. All I had to do was install the U2F module (libu2f-host). Cheers

Leave a comment?