modules/yubikey: make PAM machine-independent

This defaults to using the hostname, so was only set up for x220.

2 files changed, 2 insertions, 1 deletions

diff --git a/modules/workstation/hardware/yubikey/default.nix b/modules/workstation/hardware/yubikey/default.nix
index d047246bb20d..0f2d63e742b9 100644
--- a/modules/workstation/hardware/yubikey/default.nix
+++ b/modules/workstation/hardware/yubikey/default.nix
@@ -8,6 +8,7 @@
     Defaults timestamp_timeout=0
   '';
 
+  security.pam.u2f.appId = "pam://qyliss.net";
   security.pam.u2f.cue = true;
   security.pam.u2f.authFile = pkgs.copyPathToStore ./u2f_keys;
 }
diff --git a/modules/workstation/hardware/yubikey/u2f_keys b/modules/workstation/hardware/yubikey/u2f_keys
index c5601f5f0703..1bb4f2f4c3a4 100644
--- a/modules/workstation/hardware/yubikey/u2f_keys
+++ b/modules/workstation/hardware/yubikey/u2f_keys
@@ -1 +1 @@
-qyliss:HIWnn91xwo-f14WjdDSdiX2Rs9NdJr2QF4_5_gYUpTkennbpR8AOXHmfEzj5llyLyb-_WEaVUQU59ieCamq9SA,044196971044cff2724ea9ab4624ef860fde32337acc6c3a323899f36a50bf87d06f535c146111f96925455f8c07addff769dfd502c216a9683c70898bb521ada5
+qyliss:xEFvYinTZARyMSapx3wLN6U0w5oy7he66DM9Ww1EIUwr1eEsdEVX6JTayiol+XyGkThCMCRPJcEvTqR8cgXd8A==,0gl+uRidS5Dhx1S54aniQhJE+anN6hhTelZ8DncvpM2Z6MLfc/QUotFFE0cCBEA6KbQOIK9+WtgabFGOqBmljw==,es256,+presence