Comment by timewizard
Comment by timewizard 15 hours ago
> This is something that I probably care about more than most people, because as a system administrator I want to be able to log in to my desktop even in quite unusual situations.
If I understand correctly you can have your SSH key entirely on a Yubikey if you use PIV or OpenPGP.
Now you can drop the PIV or PGP dependencies. OpenSSH can use webauthn to derive SSH keys.