Official NixOS Wiki

Nitrokey: Difference between revisions

← Older edit
Lilly (talk | contribs)
2 edits
VisualWikitext
Ardenet (talk | contribs)
2,206 edits
Marked this version for translation
Lilly (talk | contribs)
2 edits
add cli applications for nitrokey storage and nitrokey pro
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
<languages/>
<languages/>
<translate>
This article describes how you can use your [[Wikipedia:Nitrokey|Nitrokey]] with NixOS.
There are multiple variants of Nitrokeys, with the newest being the "Nitrokey 3". Different products support different security operations like FIDO2, One-Time-Passwords and S/MIME and OpenPGP key handling <ref>https://en.wikipedia.org/wiki/Nitrokey#Technical_features</ref>.
</translate>
<translate>
==Installation==
While Nitrokey devices operate via USB (a standard port & protocol), to use it in a meaningful way, udev rules need to be added to the system to make the USB device available to regular users.
</translate>
<translate>
<translate>
<!--T:1-->
===Shell===
This article describes how you can use your [[Wikipedia:Nitrokey|Nitrokey]] with NixOS
 
Depending on your Nitrokey device, there are different CLI applications to interact with it.
 
* {{nixos:package|nitrocli}} (CLI) and {{nixos:package|nitrokey-app}} (GUI) for ''Nitrokey Pro'' and ''Nitrokey Storage''
* {{nixos:package|pynitrokey}} (CLI) and {{nixos:package|nitrokey-app2}} (GUI) for ''Nitrokey 3''.
 
{{info|You will not be able to interact with Nitrokey devices unless you include appropriate udev rules on your system or have elevated privileges.}}
 
</translate>


==Installation== <!--T:2-->
<translate>
===System Setup===


<!--T:3-->
To make Nitrokey devices usable by regular users, enable the appropriate hardware option.
You also want to add the nitrokey udev rules and enable the gpg agent
This will set up correct udev rules.
</translate>
</translate>
{{code|lang=nix|1=hardware.nitrokey.enable = true;}}
<translate>
== Tips and Tricks ==
=== GPG Support ===
{{expand|scope=Section|What exactly do these options do and which functionality does that enable for your nitrokey device?}}


<syntaxHighlight lang=nix>
<syntaxHighlight lang=nix>
services.udev.packages = [ pkgs.nitrokey-udev-rules ];
programs = {
programs = {
   ssh.startAgent = false;
   ssh.startAgent = false;
Line 20: Line 50:
};
};
</syntaxHighlight>
</syntaxHighlight>
</translate>
<translate>
=== KeePassXC ===
[https://keepassxc.org/ KeePassXC] supports securing a password database with Nitrokey hardware tokens. The [https://docs.nitrokey.com/software/nk-app2/keepassxc official Nitrokey documentation] has details on how a Nitrokey device must be set up to work with KeePassXC.
However, some NixOS Options should be set to make it work:
</translate>
{{code|lang=nix|1=
services.pcscd.enable = true;
environment.systemPackages = [ pkgs.nitrokey-app2 ];
}}
<translate>
==References==
<references/>
</translate>


<translate>
<translate>
Retrieved from "https://wiki.nixos.org/wiki/Nitrokey"