From f5770f524fcb5090963fec2e0dbc88c646924483 Mon Sep 17 00:00:00 2001
From: Fabian Montero <fabian@posixlycorrect.com>
Date: Tue, 17 Sep 2024 19:48:44 -0600
Subject: [PATCH] add u2f support

---
 sys/platforms/posixlycorrect/yubikey.nix | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/sys/platforms/posixlycorrect/yubikey.nix b/sys/platforms/posixlycorrect/yubikey.nix
index 1b9ee9f..0c852b8 100644
--- a/sys/platforms/posixlycorrect/yubikey.nix
+++ b/sys/platforms/posixlycorrect/yubikey.nix
@@ -18,15 +18,17 @@
     enableSSHSupport = true;
   };
 
-  security.pam.services = {
-    login.u2fAuth = true;
-    sudo.u2fAuth = true;
-  };
+  security.pam = {
+    services = {
+      login.u2fAuth = true;
+      sudo.u2fAuth = true;
+    };
 
-  security.pam.yubico = {
-    enable = true;
-    debug = false;
-    mode = "challenge-response";
-    id = ["27677315"];
+    u2f = {
+      enable = true;
+      debug = false;
+      cue = true;
+      control = "sufficient";
+    };
   };
 }