so ive been looking into a Yubikey because i want 2FA on all of my accounts. however on yubicos website it says it supports linux. but the documentation is confusing and i want the Authentication app to setup my Yubikey on my main OS (NixOS) it seems that yubico only supports ubuntu, which i tried using in distrobox but with no success. so i looked on flathub and found this app however it gets me kinda spooked that the app is made by the community. is it safe to use my yubi key with? and if not does anyone have any idea how to compile from source, which btw im kinda a noob at compiling from source which i know is ironic because i run nix.
link to flathub application https://flathub.org/apps/com.yubico.yubioath
I’ve used the Authenticator app on Ubuntu and Arch (and the Steamiffied Arch running on the Steam Deck). I found the best thing is to manually download the tar from their official site, the make symlinks as necessary to get it in your path.
In theory flatpaks are trustworthy, but I wouldn’t spend the money and time to get TOTP on my Yubikeys (always have a backup!) - just to hope nobody is injecting something malicious into the flatpak.
An alternative is to not rely on desktop apps, but use the iOS or Android apps - both are signed/authored by Yubico if I recall correctly.
To mirror what another commenter said, also look at using FIDO whenever possible - it’s not going to get caught up by a keylogger or a shoulder surfer.
This yubikey app is packaged for Nix, the package is called
yubioath-flutter
It probably requires you to set
services.pcscd.enable = true;
I have used my Yubikey to do FIDO2 auth on Linux Mint with Chromium and Firefox. I have tried M365, Twitter and Facebook but any website that supports FIDO2 should work.
Did not need to install any OS components.