1 files changed, 5 insertions, 1 deletions

diff --git a/sys/hardware/yubico.nix b/sys/hardware/yubico.nix
index 1c77675..ba820e1 100644
--- a/sys/hardware/yubico.nix
+++ b/sys/hardware/yubico.nix
@@ -30,13 +30,17 @@ in {
       module: ${pkgs.yubico-piv-tool}/lib/libykcs11.so
     '';
 
+    local.boot.impermanence.files = [
+      "/etc/pam_u2f_keys"
+    ];
+
     security.pam = mkIf cfg.pamAuth {
       u2f = {
         enable = true;
         control = "sufficient";
 
         settings = {
-          authfile = "/var/trust/pam_u2f_keys";
+          authfile = "/etc/pam_u2f_keys";
           cue = true;
           pinverification = 1;
           userpresence = 0;