20 lines
427 B
Nix
20 lines
427 B
Nix
{ pkgs, ... }: {
|
|
security.pam.yubico = {
|
|
enable = true;
|
|
debug = true;
|
|
control = "required";
|
|
mode = "challenge-response";
|
|
challengeResponsePath = "/run/secrets/yubikey";
|
|
id = [ "18550256" ];
|
|
};
|
|
|
|
sops.secrets."yubikey/albert-18550256" = {
|
|
owner = "albert";
|
|
mode = "600";
|
|
sopsFile = ../../../secrets/yubikey.yaml;
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
yubico-pam
|
|
];
|
|
}
|