I found an article about how to enable U2F login in Ubuntu here https://shibumi.dev/posts/login-via-yubikey-on-linux-u2f and also from Ybikey site https://support.yubico.com/support/solutions/articles/15000011356-ubuntu-linux-login-guide-u2f

Procedure was really easy so here are the steps:

install U2F pam module
sudo apt-get install libpam-u2f

Create folder for the keys
mkdir ~/.config/Yubico
This folder might be already present
create first key entry
pamu2fcfg > ~/.config/Yubico/u2f_keys
You can insert your yubikey and touch the metal and key is written to the file

Enabling U2F for sudo:
Edit the file
sudo vim /etc/pam.d/sudo
and after the @include common-auth line add
auth       required   pam_u2f.so

Now you can open new terminal window and type
sudo echo test
It should ask your password and then waits for the yubikey to be pressed.
After you touch the metal on yubikey, sudo should work

If you want to enable U2F for graphical login, add the following line to your DisplayManager's config in /etc/pam.d folder after @include common-auth
auth       required   pam_u2f.so

Adding backup key

I have another key that supports U2F and it's solokeys https://solokeys.com/
Only thing you need to do is insert another key to ~/.config/Yubico/u2f_keys file
pamu2fcfg -n >> ~/.config/Yubico/u2f_keys
Notice the slightly different command (the -n parameter) and >> means you append the file, not write over

#yubikey #2fa #solokeys #ubuntu #U2F

PSA: MyFitnessPal has been compromised leading to 143M accounts to have their weakly hashed passwords, usernames, email addresses and IP addresses leaked.

Considering that UnderArmour owns MFP, and that password resets go through your UA account, I would garner to say that you should change your password if you're signed up to any of the UA-owned services.

Currently my node is aware of 3575 nodes with 2496169 registered users from the following platforms:

Friendica (359/13545)
diaspora (262/655654)
red (8/72)
hubzilla (224/4807)
GNU Social (183/420)
StatusNet (9/11)
Mastodon (2237/1817064)
pleroma (288/3729)
socialhome (4/730)
ganggo (1/137)

#federation

@kogumanomisha I'm also in nextcloud/keepassxc path.
I like keepassxc because I can store my TOTP codes there also. They have also good Firefox Add-on for generating passwords and inserting them in the login page.

@dan @mike 2 years without Google and FB and I’m still alive 😊. Hosting own email, nextcloud and Searx.

@peanutbutter144 Prefer TOTP type 2FA. SMS based authentication methods are not considered safe anymore.
Enable 2FA as much as possible

@kev It has been around for a while. It practically all in one platform. Websites, blogs, social media and such. You can make yourself different channels that act as fediverse account. It also has good privacy options for posts and media.

project.hubzilla.org/page/hubz

Thinking of something quick weekend project for my server.
It already has the following





Not going to have mastodon or diaspora for now

Most of these are not in “production”. I use mostly nextcloud and hubzilla. Others are there just because.

Or I go to hw project and try to put some free os to Apple iBook G4 laptop.

@dan Good thing you found it before it was trashed permanently

Libre of a different kind to start off my Friday.

"Who is Jenny Everywhere? Modify and share this character | Opensource.com"

opensource.com/article/18/10/j

@aadilayub Hello

Have looked joplin.cozic.net/

It's also OpenSource and you can host your files on your own server or locally.
There is possibility to encrypt all the notes and store them in like or file share

There is also add-on for FireFox which allows you take snippets from websites.

Show older
Fosstodon

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.