diff --git a/users/b12f/ssh.nix b/users/b12f/ssh.nix
index 711bd65..bd812e6 100644
--- a/users/b12f/ssh.nix
+++ b/users/b12f/ssh.nix
@@ -26,14 +26,17 @@ in {
 home-manager.users."${psCfg.user.name}" = {
 home.file.".ssh/id_ed25519_sk-464.pub".text = "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIHUbowjUtBiOPWi+TCHGToFwIsMDY6s7IRev6buVVdWxAAAACHNzaDpiMTJm yubi@464";
 home.file.".ssh/id_ed25519_sk-485.pub".text = "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIDyxaJNw0jXREOzQfa0E2RQE/xLD/VddDldbdSmS8uf9AAAACHNzaDpiMTJm yubi@485";
+ home.file.".ssh/id_nistp256-748.pub".text = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEST9eyAY3nzGYNnqDYfWHu+89LZsOjyKHMqCFvtP7vrgB7F7JbbECjdjAXEOfPDSCVwtMMpq8JJXeRMjpsD0rw= YubiKey #10166748 PIV Slot 9a";
 programs.ssh = {
 enable = true;
 matchBlocks = {
 "*" = {
+ identitiesOnly = true;
 identityFile = [
 "/home/${psCfg.user.name}/.ssh/id_ed25519_sk-464"
 "/home/${psCfg.user.name}/.ssh/id_ed25519_sk-485"
+ "/home/${psCfg.user.name}/.ssh/id_nistp256-748.pub"
 ];
 };
diff --git a/users/b12f/u2f.nix b/users/b12f/u2f.nix
index c5db091..392807e 100644
--- a/users/b12f/u2f.nix
+++ b/users/b12f/u2f.nix
@@ -16,7 +16,7 @@ in {
 };
 security.pam.services = {
- login.u2fAuth = false;
+ login.u2fAuth = true;
 sudo.u2fAuth = true;
 };
 }
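Review bot: In users/b12f/ssh.nix the new third `identityFile` entry names `id_nistp256-748.pub`, a public key, while the two entries above it name key-handle files without the `.pub` suffix, and nothing in the hunk says the difference is deliberate. OpenSSH accepts a public key file there and then looks for the matching private key in the agent or a PKCS#11 provider, so the entry only works if the PIV slot is exposed that way; no provider or agent setting is visible in this hunk, so confirm it is configured elsewhere. Because `identitiesOnly = true;` sits under `"*"`, every host is now limited to these three keys, which keeps the agent's other keys from being offered to servers but will also break any host that relied on one. I would add a comment above the list such as `# .pub on purpose: private key stays in YubiKey PIV slot 9a and is resolved via agent/PKCS#11`. The `matchBlocks` and `programs.ssh` attribute sets close outside the hunk.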
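Review bot: In users/b12f/u2f.nix, `login.u2fAuth = true;` brings the security key into console login, but the hunk does not show which PAM control mode applies; the attribute set closed by the first `};` (presumably `security.pam.u2f`) lies outside the hunk. If the control is left at what I believe is the NixOS default, `sufficient`, touching an enrolled key replaces the password instead of adding to it, so possession of the key alone opens a login session. If it is `required`, losing the key locks the account out unless a second key or another recovery path is enrolled. A comment next to the line stating the intended mode and the recovery path would make the choice reviewable, for example `# login: U2F as second factor (control = "required"); recovery via second enrolled key`, adapted to whatever the configuration actually sets.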