Open andrsd opened 2 weeks ago
These are my notes to help users to setup yubikey-agent on macOS with Apple Silicon without homebrew:
I am skipping the obtain the source code, unpack steps. Also, no instructions provided on how to obtain go.
go
To build the package, use
CGO_ENABLED="1" GOOS=darwin GOARCH=arm64 go build
Copy the binary in place. I picked /usr/local/bin and this will be used in below (this can be changed)
/usr/local/bin
sudo cp yubikey-agent /usr/local/bin
Install for a user:
mkdir -p ~/Library/LaunchAgents touch ~/Library/LaunchAgents/launched.yubikey-agent.plist
Copy this into the file launched.yubikey-agent.plist:
launched.yubikey-agent.plist
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Label</key> <string>launched.yubikey-agent</string> <key>ProgramArguments</key> <array> <string>/usr/local/bin/yubikey-agent</string> <string>-l</string> <string>/private/tmp/yubikey-agent.sock</string> </array> <key>RunAtLoad</key> <true/> <key>KeepAlive</key> <true/> </dict> </plist>
Enable the service:
cd ~/Library/LaunchAgents launchctl bootstrap gui/$UID launched.yubikey-agent.plist launchctl enable gui/$UID/launched.yubikey-agent.plist
Then, in ~/.ssh/config, use:
~/.ssh/config
Host * IdentityAgent /private/tmp/yubikey-agent.sock
Note: the Apple silicon specific step is the build step. I don't have an Intel-based Mac, so IDK what the step should be. My guess is that the GOARCH value would be different.
GOARCH
The rest should work on all recent macOS machines, though.
These are my notes to help users to setup yubikey-agent on macOS with Apple Silicon without homebrew:
I am skipping the obtain the source code, unpack steps. Also, no instructions provided on how to obtain
go
.To build the package, use
Copy the binary in place. I picked
/usr/local/bin
and this will be used in below (this can be changed)Install for a user:
Copy this into the file
launched.yubikey-agent.plist
:Enable the service:
Then, in
~/.ssh/config
, use:Note: the Apple silicon specific step is the build step. I don't have an Intel-based Mac, so IDK what the step should be. My guess is that the
GOARCH
value would be different.The rest should work on all recent macOS machines, though.