Plugin Setup:

Yubikey 2fa Plugin Download: https://github.com/brush701/keechallenge
KeePass plugin install path (Linux): /usr/lib/keepass2/Plugins
KeePass plugin install path (Windows) (Approximately): C:\Program Files\KeePass2\Plugins

For Linux:

Plugin depends on apt package xdotool for autotype functionality:

    sudo apt install xdotool

Plugin depends on personalization tool CLI:
https://www.yubico.com/support/download/yubikey-personalization-tools/

The CLI depends on yubico-c (https://developers.yubico.com/yubico-c/), which requires apt packages: autoconf, libtool, asciidoc-base, make

    git clone https://github.com/Yubico/yubico-c.git
    cd yubico-c
    sudo apt install autoconf libtool asciidoc-base make
    autoreconf --install
    ./configure
    make
    sudo make install

CLI also requires apt packages build-essential and libusb-dev:

    sudo apt install build-essential libusb-dev

CLI needs a patch to build. Edit ykpers-args.h and add "extern" to the definition of "optstring" and "usage".

To build and install:

    ./configure
    make
    sudo make install

Libraries will be installed to '/usr/local/lib' by default, but need to be in '/usr/lib' for KeePass to see them:

    sudo cp /usr/local/lib/libykpers-1.so* /usr/lib/

Set Challenge to Slot 1

Before you can sync, you need to be able to establish an SFTP connection to the "vault" user headlessly.
Set up a traditional SSH key in Pageant or the Linux SSH Agent.
Alternatively, use the SSH key on the Yubikey. Follow the instructions in yubikey-ssh-info.txt for details.

For Windows:

Use this extension to sync over SFTP: https://keepass.info/plugins.html#ioprotocolext
This extension will allow you to open a remote database "directly", rather than obtaining a local copy and completing synchronization.
This is the recommended method for temporary database access.
Sync button triggers not yet published.

For Linux:

An initial copy of the database and the Challenge 2fa file will need to be obtained via SFTP.
Here are the command lines needed to fetch the files.

    sftp -oPort=2222 vault@liberty.apromenschenkel.com:/keepass/Personal.kdbx
    sftp -oPort=2222 vault@liberty.apromenschenkel.com:/keepass/Personal.xml

Syncing is done using the helper scripts "get-db-from-server.sh" and "put-db-to-server.sh", and the native KeePass file syncing feature.
Triggers to automate this process are found in "triggers.xml".
Note that all KeePass triggers have hard-coded paths and will likely need to be updated to get syncing working.
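
For the ykpers-args.h patch step in the Linux build above, an added example (not part of the original notes or the Yubico sources): a shell function that applies the "extern" edit idempotently and fails if it could not. The function name add_extern is hypothetical, and it assumes each declaration is a single line of the form "const char *usage;".

```shell
#!/bin/sh
# Added example, not from the original notes or the Yubico sources.
# add_extern FILE
#   Prefix "extern" to the declarations of "optstring" and "usage" in FILE
#   (ykpers-args.h in the notes above). Assumption: each declaration is a
#   single line of the form "const char *NAME;" (the "const" is optional).
#   Returns 0 when both declarations are extern afterwards, 1 when one of
#   them was not found in that form (FILE is left untouched), 2 on I/O errors.
add_extern() {
    file=$1
    [ -f "$file" ] || { echo "add_extern: no such file: $file" >&2; return 2; }
    tmp=$(mktemp) || return 2

    # Skip lines that already start with "extern" so a second run is a no-op.
    sed -E '/^[[:space:]]*extern[[:space:]]/!s/^([[:space:]]*)((const[[:space:]]+)?char[[:space:]]*\*[[:space:]]*(optstring|usage)[[:space:]]*;)/\1extern \2/' \
        "$file" > "$tmp" || { rm -f "$tmp"; return 2; }

    # Verify the result instead of trusting the substitution.
    for name in optstring usage; do
        grep -Eq "^[[:space:]]*extern[[:space:]].*[*[:space:]]${name}[[:space:]]*;" "$tmp" || {
            echo "add_extern: no extern declaration of $name; edit $file by hand" >&2
            rm -f "$tmp"
            return 1
        }
    done

    # Overwrite in place (keeps the file's owner and mode), then clean up.
    cat "$tmp" > "$file" || { rm -f "$tmp"; return 2; }
    rm -f "$tmp"
}

# Usage, from the personalization tool source directory, before ./configure:
#   add_extern ykpers-args.h
```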