undefined | Better HN

0 pointsred_trumpet1y ago0 comments

I have to store them on my disc, in order to use them tomorrow.

0 comments

Oddly enough you don't. We've been storing our ssh keys(ed25519-sk) as resident keys for years now without issue.

So basically we've been storing ssh keys directly on yubikeys the same way passkeys are stored since before passkeys were a thing.

It seemed a clearly superior option compared to letting ssh private keys roam around on random computers.

tsimionescu1y ago

Sure, but then limits you to a handful of keys. The WebAuthn people don't like this, they want one key per service, so basically YubiKeys no longer really work with WebAuthn (unless you're fine with only ever using a max of 25 services).

j / k navigate · click thread line to collapse

0 comments

Spunkie1y ago

Oddly enough you don't. We've been storing our ssh keys(ed25519-sk) as resident keys for years now without issue.

So basically we've been storing ssh keys directly on yubikeys the same way passkeys are stored since before passkeys were a thing.

It seemed a clearly superior option compared to letting ssh private keys roam around on random computers.

tsimionescu1y ago

j / k navigate · click thread line to collapse