If you use or change to Yubikey authentication for the workspace Owner, all users added to the workspace afterward will be required to use Yubikey authentication as well.
Fireblocks requires a strong method of authentication for transaction signing and authorization. The Fireblocks mobile app uses a device’s biometric sensor for authentication by default.
For customers seeking an alternative authentication method, Fireblocks allows customers the ability to authenticate using Yubikey.
This article describes the steps to setting up a Yubikey 5 NFC device for authentication on the Fireblocks mobile app. The procedure involves initializing the Yubikey device and sending a list of parameters to Fireblocks to associate the initialized device with a workspace user.
Yubikey Setup Guide
- Download and install the Yubikey personalization tool from the Yubikey Website.
- Open the Yubikey personalization tool app, then select the Yubico OTP tab.
- Select Advanced.
- Select Configuration Slot 1.
- Select Generate next to Public Identity, Private Identity, and Secret Key.
- Verify your Yubikey is inserted into the computer USB slot, then select Write Configuration.
- Save as a CSV file.
- Encrypt the CSV file using this PGP public key and attach it to your request form.
Encrypting the CSV file with a PGP key
It is important that you DO NOT send an unencrypted file. If you need help with encryption, please let us know, or get help from your internal IT security team.
brew install gnupg
sudo apt-get install gnupg
- Import the downloaded PGP key using the following commands:
gpg --import armored-keys.asc
- Edit the trust value to ultimate:
gpg --edit-key "Fireblocks Support"
Enter 5 and y to confirm.
(Exit the gpg editing window by typing quit and selecting Enter on your keyboard)
- You can verify the trust by running
- Encrypt the .csv file that you received from the Yubico Personalization Tool by running the following command:
gpg -e -r "Fireblocks Support" [filename].csv
- Run the
lscommand to confirm a .gpg file is created.