techhub.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A hub primarily for passionate technologists, but everyone is welcome

Administered by:

Server stats:

4.6K
active users

#NitroKey

1 post1 participant0 posts today
Replied to JayVii

@jayvii
yubi can do most of the things you ask.
here is a good guide:
procustodibus.com/blog/2023/04
and here is another one:
github.com/drduh/YubiKey-Guide

As far as I know #nitrokey needs some extra steps in order to do some small things(wireguard key on the nitro, I don't remember if it works), other than that as it is open hardware and software it's the best choice in the market currently.
@lrvick may have an opinion about it.

Pro CustodibusAn Opinionated YubiKey Set-Up GuideHow to set up a YubiKey 5 in 2023.

Does anyone have experience with either #Yubikey, #Nitrokey or any other hardware security token for both #MFA/#2FA as well as #encryption via #PGP/#GPG or #SMIME?

In particular, I am looking at the Nitrokey 3A NFC. As far as I can tell, Yubico only sells #MFA tokens(?), unless the YubiKey 5 FIPS Series can hold encryption keys as well?

Both price and open hardware aspect definitely speak for Nitrokey, but I do not know anyone who owns such a token... Anyone who I can talk to?

shop.nitrokey.comNitrokey 3A NFC
Kann ich die Zuordnung von privaten Schlüssel und Karte löschen bzw. irgendwie explizit erzwingen?

Folgendes Problem,...

Meine Schlüssel ist einem anderen Nitrokey zugeordnet. Normal habe ich diese immer mit gpg --edit-card und dann einem verify hinbekommen. Danach war der Schlüssel der aktuellen Karte zugeordnet.

Aus irgendeinem Grund ist dies aktuell auf meinem Debian stable System nicht möglich. Das System erkennt den Nitrokey. Bei einem ssh / --sign gibt es immer die Meldung, ich soll die Karte mit Nummer XY einlegen - mit diesem Nitrokey geht es dann auch. Ich möchte aber den anderen.

#gnupg #gpg #openpgp #nitrokey #debian
Continued thread

Besides the #Nitrokey FIDO2, I also already have a Nitrokey U2F & a Solo Somu from #SoloKeys, so I wasn't too keen on paying 50€ + shipping for a new Nitrokey 3A Mini – a product I wouldn't need if my old key's firmware had been updated.

Instead, I bought a 🇨🇭 Token2 PIN+ Dual R3 whose hardware and firmware is also open-source and which costs only 25€ + shipping: token2.eu/shop/product/pin-dua #T2F2

The only downside is that #Token2 manufacture their products outside Europe (Nitrokeys are made in 🇩🇪).

www.token2.euTOKEN2 Sàrl is a Swiss cybersecurity company specialized in the area of multifactor authentication. We are a FIDO Alliance member.FIDO2 USB Key, U2F USB Key, Cheap Yubico alternative, FIDO2, fido alliance certified security keys Replace your mobile authenticator with secure hardware OTP token! Easily programmed via NFC. Designed to use with Google, Facebook, Dropbox, GitHub, Wordpress, Office 365, Azure MFA etc.

As I need an Ed25519-SK SSH key generated with a hardware token, I tried to use my Nitrokey #FIDO2 for that, but: no.

Years ago, #ed25519 had experimentally been added to the firmware (not released) but later #Nitrokey stated that customers should've donated on top of the selling price to get firmware updates & advised to buy the new product instead.

The latter would be OK if the old key wasn't sold anymore, but it is still sold & the firmware was last updated in 2021.

github.com/Nitrokey/nitrokey-f

I would like to use ed25519-sk with my FIDO2 stick. Currently the situation is as follows: ssh-keygen -t ed25519-sk -f ~/.ssh/id_ed25519_sk Generating public/private ed25519-sk key pair. You may ne...
GitHubSupport for ed25519-sk · Issue #39 · Nitrokey/nitrokey-fido2-firmwareBy dr-br