| Table of Contents |
|---|
For the purposes of this repository, let’s consider three systems:
- Certification Authority
- System name “ca.netdef.org“
- Will host our Certification Authority
- Server
- System name “server.netdef.org“
- Will function as an SSH server
- Client
- System name "client.netdef.org"
- Will function as an SSH client
Sign client's public keys
...
| Code Block |
|---|
openssl genrsa -out yubikey$YUBIKEYNUM-key.pem 2048
openssl req -new -x509 -batch -key yubikey$YUBIKEYNUM-key.pem -out yubikey$YUBIKEYNUM-cert.pem
|
import keys to yubikey
You import the key and certificate to the PIV applet as follows:
...