Comment by timewizard

Comment by timewizard 15 hours ago

6 replies

> This is something that I probably care about more than most people, because as a system administrator I want to be able to log in to my desktop even in quite unusual situations.

If I understand correctly you can have your SSH key entirely on a Yubikey if you use PIV or OpenPGP.

computerfriend 10 hours ago

Now you can drop the PIV or PGP dependencies. OpenSSH can use webauthn to derive SSH keys.

denysvitali 14 hours ago

Yes, this.

GPG supports smartcards (yes, the plastic smartcards) since ages. The Yubikey will appear as a smartcard on GPG and will work on pretty much sny setup.

  • [removed] 14 hours ago
    [deleted]
pointlessone 14 hours ago

Does every random system automatically picks up Yubikey? Does SSH on all platforms find that key?