11/1/2023 0 Comments Yubico aws![]() Copy and paste your code into the AWS Console’s “MFA code 1” box. Your terminal will prompt you to tap your now flashing YubiKey, and once you do so a six-digit code will print out in your terminal. Use the following command: ykman oath code Generate two consecutive unique codes to finish assigning the MFA in AWS Without the -t for ‘tap’, a process could generate codes without the need for a physical button tap, and that’s really not a best practice. This is a security measure and should be enabled to ensure a malicious process cannot generate codes without your approval. t specifies that we want to require a “tap” each time a code is requested. By default, it’s time based and 6 digits, but that can be modified if you review the ykman manual. ![]() Oath specifies that we want to set up a one time password. is the secret key listed below the QR code in the AWS Console that you just copied. We’ll use it to call for tokens from now on. can be any word or name you wish, without spacing. Back to your terminal window!īack on your terminal window, you’ll want to use the following command (but with your own information as described below): ykman oath add -t Again, leave the AWS console window open too! 6. Since a YubiKey doesn’t have the ability to snap-up QR codes like a phone camera, we’re going to go the code route.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |