Comment by EthanHeilman
Comment by EthanHeilman 18 days ago
That's really cool. Are you using OpenSSHes yubikey support or building your own?
Comment by EthanHeilman 18 days ago
That's really cool. Are you using OpenSSHes yubikey support or building your own?
We’re leveraging ssh certificates which are backed by keys stored in a variety of hardware. For yubikeys we’re leveraging piv and the standard ssh tooling. We’re determining whether we’ll be able to use a pkcs11 implementation for TPMs and Secure Enclave or whether we’ll need to build a custom agent.