A macOS application that simplifies SSH server access using your YubiKey's self-signed certificate. The application runs in your menu bar and provides a web interface for managing SSH servers and deploying your YubiKey's public key.
The web interface allows you to manage servers, check YubiKey status, and initiate SSH connections.
Quick access to your servers directly from the macOS menu bar.
- macOS menu bar application for quick access
- Web interface for managing SSH servers
- Automatic YubiKey public key deployment to servers
- Secure SSH connections using YubiKey authentication
- Server configuration management
- macOS
- Python 3.9
- YubiKey with PIV capability
- SSH access to your servers
- Clone the repository:
git clone https://github.com/robertherbaugh/yubikey-ssh-manager.git
cd yubikey-ssh-manager- Create a virtual environment and activate it:
python -m venv venv
source venv/bin/activate- Install the required packages:
pip install -r requirements.txt- Install YubiKey PIV Client:
brew install yubico-piv-tool- Download the latest release
- Install Python 3.9+ if not already installed:
brew install python@3.9- Install the required packages:
pip3.9 install -r requirements.txt- Double-click the app to run it
- Start the application:
python app.py-
The application will appear in your menu bar with a 🔐 icon.
-
Click the icon and select "Open Manager" to access the web interface.
-
In the web interface, you can:
- Check YubiKey status
- Add new servers
- View and manage existing servers
- Connect to servers using YubiKey authentication
- Click "Open Manager" from the menu bar icon
- Fill in the server details:
- Server Name (for identification)
- Hostname (IP address or domain)
- Username
- Port (default: 22)
- Click "Add Server"
The application will automatically deploy your YubiKey's public key to the server when you first connect.
- All server credentials are stored locally in
~/.yubikey-ssh-manager/servers.json - The application uses your YubiKey's self-signed certificate for SSH authentication
- No passwords are stored; authentication is handled through public key cryptography
-
YubiKey not detected:
- Ensure your YubiKey is properly inserted
- Check if the YubiKey manager can detect your device
-
Connection issues:
- Verify server credentials are correct
- Ensure the server allows public key authentication
- Check server SSH configuration
Contributions are welcome! Please feel free to submit a Pull Request.
This project is licensed under the MIT License - see the LICENSE file for details.