Linux Remote Desktop Authentication - Is ThinLinc compatible with Yubikey?

ThinLinc is a Linux Remote Desktop Server that supports different authentication methods such as Smart cards, Kerberos, Passwords, Public keys and, One Time Password (OTP).

Some ThinLinc users and customers asked if ThinLinc is compatible with Yubikey. Yubikey is a popular device used for two-factor authentication.

If you have experiences with Yubikey, feel free to help. ; )

Hello @muitotri

While Yubikey has a few different methods for authentication (FIDO, OTP, Smartcard etc depending on which kind of Yubikey you have), they one I’ve tried is smartcard authentication.
It was fairly straight forward, using Authentication in ThinLinc with PKCS #15 smart cards as a guide.

After installing opensc and using pkcs15-tool to read the public key of the yubikey, I just had to place the key in authorized_keys as per the guide states above.

Would be interesting to hear if anyone else tried something different ?

/Martin