Repeat these steps for any additional YubiKeys that you want to use. (Optional) Check the Require touch option if you want to require a touch to the metal contact on the YubiKey to approve challenge-response actions.Click Generate to generate a new secret.Select Challenge-response and click Next.Under Long Touch (Slot 2), click Configure.Insert your YubiKey to an available USB port on your Mac.To configure the YubiKeys, you will need the YubiKey Manager software. Click Close to exit the installation wizard.When prompted, enter your password or use Touch ID to confirm the installation.If you do not enable FDE, it is possible to reboot the Mac into recovery mode and disable the 2FA requirement. Note: Enabling full disk encryption (FDE) with FileVault is highly recommended when using the macOS Login Tool. The macOS Login Tool allows for secure two-factor authentication on Macs using the HMAC-SHA1 challenge-response feature of the YubiKey. For macOS Catalina and newer, please consider following our guide on using YubiKeys as smart cards with macOS, which can be found here. Because this prevents the macOS Login Tool from functioning under macOS Catalina, we will be discontinuing support for the macOS Login Tool. Apple has changed entitlements in authorization and added extra protections to the login process, which prevents it from communicating with USB devices (including the YubiKey). Due to developments outside of Yubico’s control, this tool cannot function on macOS Catalina (10.15) and newer.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |