How do I login to a YubiKey protected server?

Assuming you have a YubiKey provided by Code Enigma and you have been informed your live infrastructure is protected by YubiKey authentication, this FAQ serves as a reminder for how to use that YubiKey to access your server. If you do not have a YubiKey, you can buy them from this website: https://www.yubico.com

The "standard" YubiKey is adequate, but all should work. If you purchase your own YubiKey directly from Yubico, please contact us to configure it by raising a support ticket. If you receive a YubiKey from Code Enigma, it should be pre-configured and already bound to your Code Enigma account.

Once you have a configured YubiKey, ssh to a YubiKey protected server in the usual way. You should see the message "Authenticated with partial success." and immediately after this a demand for your password. Enter your Code Enigma password but DO NOT press Enter. Plug your YubiKey into an available USB port and press the small golden disk on top, holding it for a second or two. It will complete the password with a YubiKey one time password (OTP) and press Enter for you. You should then be logged in.

If you need to execute a command using `sudo` you will be prompted first for your YubiKey, then for your Code Enigma password as before. At the first prompt you simply press the gold disk on your YubiKey in the same way. It will automatically enter the password and press Enter, leaving you free to enter your Code Enigma password.