Skip to Content [alt-c]
In reply to It's Now Possible To Sign Arbitrary Data With Your SSH Keys
FYI: As of OpenSSH 8.2 it's possible to protect SSH keys with a FIDO/U2F key, eg. a YubiKey. See eg. https://github.com/vorburger/vorburger.ch-Notes/blob/develop/security/ed25519-sk.md for instructions how to create such keys and links to further documentation/announcements.
Btw. with https://github.com/drduh/YubiKey-Guide PGP/GPG keys are way less scary. I've had unused PGP/GPG keys for years, but that changed once I've started storing my key on a smartcard (in my case a YubiKey, but others work as well). I'm now signing all my git commits and tags with PGP/GPG.
Reply
Your comment will be public. To contact me privately, email me. Please keep your comment polite, on-topic, and comprehensible. Your comment may be held for moderation before being published.
Your Name: (Optional; will be published)
Your Email Address: (Optional; will not be published)
Your Website: (Optional; will be published)
>
monospaced
Post a Reply
Your comment will be public. To contact me privately, email me. Please keep your comment polite, on-topic, and comprehensible. Your comment may be held for moderation before being published.