Joost van Dijk from @yubico tells us about #OpenSSH combined with the #FIDO standard at the @nluug #najaarsconferentie. This info applies on any FIDO #securitykey, not just #yubikey.
#opensourceconference #Linuxconference #conference #conferentie #NLUUG #nluug25nj #hardwarekey
FIDO2 USB Key, U2F USB Key, Cheap Yubico alternative, FIDO2, fido alliance certified security keys Replace your mobile authenticator with secure hardware OTP token! Easily programmed via NFC. Designed to use with Google, Facebook, Dropbox, GitHub, Wordpress, Office 365, Azure MFA etc.
There is actually a long open issue at KeePassXC:
https://github.com/keepassxreboot/keepassxc/discussions/3597
First the maintainer was a bit stubborn about it, but then they came up with a valid argument:
This would require a change of the KDBX format, which is defined by the original KeePass Project.
But KDBX File Format is already at version 4.
Can we please have a new version that has several slots for encrypted master key. Like LUKS does.
Summary When creating (or unlocking) a DB, keepassxc allows specifying what's known as composite key in keypass2, e.g. a master password with a key file. All those credentials seem to be required w...
I use KeepassXC (+KeepassDX on AOSP) together with NextCloud for synchronisation.
This works great, except for the fact that I would like to use hardware security tokens.
While Keepass XC & DX support hardware keys.. they actually don't because they only support one hardware key, singular.
And that is my issue!
What if I lose it?!?
Does anyone have a better setup?
#KeePass #KeePassDX #KeePassXC #Passwordmanager #HardwareKey
please boost: i really want to like onlykey but it's all but abandoned
how would one go about making a successor?
im most stumped on manufacturing cheaply. their duo (my favourite form factor on any security key) is only $50!
i *still* don't understand how this onlykey works. i've kinda figured out how to generate subkeys (you have to have $GNUPGHOME point to a valid keyring that has a public key on which you want to create a subkey for, but use `--homedir` to point to a new directory for onlykey to put the new keyring with the subkey), but now it won't generate keys except for the uid i used to use?
@bdiederik 5 but they don't work anymore since I disabled password login on all hosts.
Does someone know an app that supports ssh keys in a gpg smartcard?
I struggle to use a hardware-key on desktop computers. You either need to reach down to the tower, reach behind the display or need some USB hub on your desktop to use them.
Is there a better solution for it?
Cambionn
doboprobodyne
the kangaroo
Leo
xyhhx 🔻
tippfehlr
Fabian【ファビアン】🏳️🌈
Kim