
Yubikey Openssh sign certificate integration


Currently, I use my YubiKey for SSH authentication with the PKCS11 PIV tool.

I followed these steps: https://developers.yubico.com/PIV/Guides/SSH_user_certificates.html

At the end of this developer guide there are these lines:

ssh-add -L > ~/.ssh/id_rsa.pub
ssh-keygen -s ~/.ssh/ca -I identity -n "${LOGNAME}" ~/.ssh/id_rsa.pub

id_rsa-cert.pub is generated and everything works fine if I try to authenticate on my OpenSSH server.

But I want to store this id_rsa-cert.pub (public ID signed by my CA) on my YubiKey ...

I don't know how to do that ...

Any ideas?

(My CA is on my server, I have a copy on my client just for the POC)


Update: 16/11/2021

It's because the YubiKey uses X.509 certificates, and SSH uses RSA certificates ... they're just not compatible ...


Solution

  • It is already on your yubikey. Step 2 imported the public and the private key to it.
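
The format difference mentioned in the update, as an added example that is not part of the original question or answer: the code builds a constructed, unusable sample in the OpenSSH RSA certificate wire layout and parses it, showing length-prefixed SSH fields (key ID from `-I`, principals from `-n`) rather than the ASN.1/DER structure of an X.509 certificate. The function names and all sample bytes are assumptions made for illustration.

```python
import base64
import struct

def _string(b: bytes) -> bytes:
    """SSH wire 'string': uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(b)) + b

def build_sample_cert_line(key_id: str, principal: str) -> str:
    """Constructed sample with dummy key and signature bytes; not a usable certificate."""
    blob = b"".join([
        _string(b"ssh-rsa-cert-v01@openssh.com"),
        _string(b"\x00" * 16),                     # nonce (dummy)
        _string(b"\x01\x00\x01"),                  # mpint e = 65537
        _string(b"\x00" + b"\xab" * 8),            # mpint n (dummy)
        struct.pack(">QI", 1, 1),                  # serial 1, type 1 = user certificate
        _string(key_id.encode()),                  # ssh-keygen -I
        _string(_string(principal.encode())),      # ssh-keygen -n (packed list)
        struct.pack(">QQ", 0, 2**64 - 1),          # valid after / valid before
        _string(b""), _string(b""), _string(b""),  # critical options, extensions, reserved
        _string(b"dummy-ca-key"), _string(b"dummy-signature"),
    ])
    return "ssh-rsa-cert-v01@openssh.com " + base64.b64encode(blob).decode() + " sample"

def parse_cert_line(line: str) -> dict:
    """Parse the leading fields of a *-cert.pub line (type, serial, key ID, principals)."""
    blob = base64.b64decode(line.split()[1])
    pos = 0
    def take_string() -> bytes:
        nonlocal pos
        (n,) = struct.unpack_from(">I", blob, pos)
        pos += 4 + n
        return blob[pos - n:pos]
    cert_type = take_string().decode()
    take_string(); take_string(); take_string()    # skip nonce, e, n (RSA layout)
    serial, kind = struct.unpack_from(">QI", blob, pos)
    pos += 12
    key_id = take_string().decode()
    packed, principals, p = take_string(), [], 0
    while p < len(packed):                          # principals are nested SSH strings
        (n,) = struct.unpack_from(">I", packed, p)
        principals.append(packed[p + 4:p + 4 + n].decode())
        p += 4 + n
    return {"type": cert_type, "serial": serial, "user_cert": kind == 1,
            "key_id": key_id, "principals": principals,
            "starts_like_der": blob[0] == 0x30}     # X.509 DER starts with SEQUENCE (0x30)

if __name__ == "__main__":
    print(parse_cert_line(build_sample_cert_line("identity", "alice")))
```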