Installation instructions for macOS with Apple Silicon without using homebrew

[andrsd]

These are my notes to help users to setup yubikey-agent on macOS with Apple Silicon without homebrew:

I am skipping the obtain the source code, unpack steps. Also, no instructions provided on how to obtain go.

To build the package, use

CGO_ENABLED="1" GOOS=darwin GOARCH=arm64 go build

Copy the binary in place. I picked /usr/local/bin and this will be used in below (this can be changed)

sudo cp yubikey-agent /usr/local/bin

Install for a user:

mkdir -p ~/Library/LaunchAgents
touch ~/Library/LaunchAgents/launched.yubikey-agent.plist

Copy this into the file launched.yubikey-agent.plist:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>launched.yubikey-agent</string>
    <key>ProgramArguments</key>
    <array>
        <string>/usr/local/bin/yubikey-agent</string>
        <string>-l</string>
        <string>/private/tmp/yubikey-agent.sock</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
    <key>KeepAlive</key>
    <true/>
</dict>
</plist>

Enable the service:

cd ~/Library/LaunchAgents
launchctl bootstrap gui/$UID launched.yubikey-agent.plist
launchctl enable gui/$UID/launched.yubikey-agent.plist

Then, in ~/.ssh/config, use:

Host *
    IdentityAgent /private/tmp/yubikey-agent.sock

Note: the Apple silicon specific step is the build step. I don't have an Intel-based Mac, so IDK what the step should be. My guess is that the GOARCH value would be different.

The rest should work on all recent macOS machines, though.