Skip to content

fix: Add YubiKey support for password input #146

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
majiayu000 wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix: Add YubiKey support for password input #146

majiayu000 wants to merge 1 commit into from

Conversation

@majiayu000
Copy link

@majiayu000 majiayu000 commented Dec 30, 2025

Summary

This PR fixes #77 by implementing YubiKey (and similar hardware token) support for password authentication.

Changes

  • Environment Variable: Added TOTP_YUBIKEY environment variable to enable YubiKey mode
  • User-Friendly Prompts: Modified password prompts to display "Touch your YubiKey:" when YubiKey mode is enabled
  • Flexible Support: Works with YubiKey Static Password, OTP slots, and any hardware token that supports keyboard emulation
  • Tests: Added comprehensive test coverage (TestYubiKeyModeWithPassword)
  • Documentation: Updated README with detailed YubiKey usage instructions and examples

Implementation Details

The implementation leverages YubiKey's keyboard emulation capabilities, avoiding the need for external YubiKey libraries. This keeps the solution simple and compatible with various hardware tokens.

When TOTP_YUBIKEY=1 is set:

  • Initial setup prompt: "Touch your YubiKey (do not forget your configuration):"
  • Regular usage prompt: "Touch your YubiKey:"
  • Works seamlessly with existing TOTP_PASS environment variable for automation

Testing

All tests pass including the new YubiKey test case:

✓ TestYubiKeyModeWithPassword
✓ All existing storage tests

Generated with Claude Code

@majiayu000 @claude
Add YubiKey support for password input
e52f82e 
This commit implements YubiKey integration for password authentication
by adding support for the TOTP_YUBIKEY environment variable. When enabled,
users can use YubiKey static passwords, OTP slots, or any hardware token
that supports keyboard emulation as their encryption password.

Changes:
- Added TOTP_YUBIKEY environment variable support
- Modified password prompts to indicate YubiKey mode when enabled
- Added comprehensive test coverage for YubiKey functionality
- Updated README with YubiKey usage documentation

The implementation avoids external dependencies by leveraging YubiKey's
keyboard emulation capabilities, making it compatible with various
hardware tokens without requiring specialized libraries.

Fixes yitsushi#77

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Signed-off-by: majiayu000 <1835304752@qq.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Allow using a yubikey (or similar) for the password

1 participant

@majiayu000