From b0ff050687db28faad40b61a85dce9115577286f Mon Sep 17 00:00:00 2001 From: Dmitriy Pleshevskiy Date: Sun, 19 May 2024 15:11:09 +0300 Subject: [PATCH] modules/yubikey: change u2f control to required --- modules/nixos/configs/yubikey.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/nixos/configs/yubikey.nix b/modules/nixos/configs/yubikey.nix index 00b08a1..3e76638 100644 --- a/modules/nixos/configs/yubikey.nix +++ b/modules/nixos/configs/yubikey.nix @@ -9,6 +9,11 @@ let cfg = config.local.yubikey; in config = lib.mkIf cfg.enable { environment.systemPackages = [ pkgs.yubikey-manager pkgs.yubikey-personalization ]; + security.pam.u2f = { + enable = true; + control = "required"; + }; + services.udev.packages = [ pkgs.yubikey-personalization ]; security.pam.services = { login.u2fAuth = true;