Mastodawn

A few weeks ago I finally changed my #SSH key(s) on my #YubiKey(s) from the old PIV function to a #FIDO2 key using @jgoerzen 's excellent guide: https://www.complete.org/easily-using-ssh-with-fido2-u2f-hardware-security-keys/

It is so much better! It does not regularly fail, the credentials in the ssh-agent don't need re-adding on any failed auth. The flow of when I forgot the ssh-add call is so much better as you can just type the password. And while my keys are too old to support ed25519 at least it's no longer a short RSA.

Easily Using SSH with FIDO2/U2F Hardware Security Keys

A lot of new hardware security keys (Yubikey, Nitrokey, Titan, etc.) now support FIDO2 (aka U2F aka Webauthn aka Passkey; yes it’s a mess). So does OpenSSH. This spells good news for us, because it is far easier to use than previous hardware security types (eg, PKCS#11 and OpenPGP) with ssh. A key benefit of all this, if done correctly, is that it is actually impossible to access the raw SSH private key, and impossible to use it without the presence of the SK and a human touching it.

www.complete.org

Раджа 15h ago

А сейчас какие-то ключи для двухфакторки возможно в Россию заказать не за сотни денег?
Хотя бы до 4 тыр, ну или какие сейчас цены на них.

Я вообще в этой теме не шарю.

Yubikey 5 стоит в районе 8 тыр, Yubikey SK стоит 4 тыр. ХЗ чем они различаются.

Я пробовал подобное с флиппером делать, но там файлик с флешки спереть как нефиг. делать

#hard #u2f #yubikey

Klaus Vink Slott 2d ago

Når jeg har en #Yubikey tilsluttet, så kan min #Falkon browser ikke finde min #MitID chip (også usb tilsluttet) De begynder begge at blinke, men der sker ikke noget når man benytter knappen på MitID.
Det går lidt bedre med #Firefox som opdager at der er 2 nøgler.

Show thread

⁉️2d ago

@Cloudsincoffee

do they work on Linux for LUKS etc. - can you use the same package yubikey-luks? I'm currently using Yubikey, but always open for change, if it is not too difficult.

#Yubikey #Token2 #LUKS #Linux #FIDO2 #MFA

Show thread

Clouds

2d ago

@bazurk I got a couple of #token2 security keys. They are much cheaper than #Yubikey . I have been happy with them.
https://www.token2.com/

TOKEN2 Sàrl is a Swiss cybersecurity company specialized in the area of multifactor authentication. We are a FIDO Alliance member.

OTP Token, TOTP token, Replace your mobile authenticator with secure hardware OTP token! Easily programmed via NFC. Designed to use with Google, Facebook, Dropbox, GitHub, Wordpress, Office 365, Azure MFA etc.

Show thread

ᗪavid John. דָּוִד יוֹחָנָן 5d ago

@pr3d

Okay then maybe i'll stick with #Yubikey when I am able too. Thanks for the heads up!

Show thread

pr3d 5d ago

@bazurk the open source project seams dead. I'm glad I've found https://github.com/mimi89999/Authnkey to be able to set a PIN for FIDO Passkeys for my solokeys
They work, but my #Yubikey 5C feels way more robust.

GitHub - mimi89999/Authnkey: Passkey credential provider for hardware security keys

Passkey credential provider for hardware security keys - mimi89999/Authnkey

GitHub

ᗪavid John. דָּוִד יוֹחָנָן 5d ago

Anyone have a review of #solokeys ? I was going to go with #yubikey again but I’d rather go with an #opensource alternative. Advice on #security anyone ?

Agenda du Libre 6d ago

Tallard: Présentation OpenPGP + Atelier grand public YubiKey, Le samedi 28 mars 2026 de 11h00 à 18h00. https://www.agendadulibre.org/events/34792 #monnaieLibre #installParty #june #dji #foopgp #openpgp #yubikey #djibian #securite #openpgpId #atelier #logicielsLibres #libreEnFete2026 #adieuWindows

Présentation OpenPGP + Atelier grand public YubiKey

Venez découvrir et prendre en main votre avenir numérique Foopgp a sélectionné et développé des outils, intégrés dans un système d’exploitation GNU/Linux (Debian Blends) dénommé Djibian . Djibian est aujourd’hui le système le plus avancé dans l’utilisation des clés de sécurités OpenPGP, tel que la

Show thread