Linux

45808 readers

1142 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

[email protected]

Hardware security key options? (tsukihi.me)

submitted 6 months ago by [email protected] to c/[email protected]

34 comments fedilink hide all child comments

Hardware security key options?

I've been thinking about getting a hardware security key and have heard of yubikey before; but I want to see what my options are and if they are worth it in your opinion.
My current setup is a local KeePassXC database (that I sync between my PC and phone and also acts as TOTP authenticator app), I know that KeePass supports hardware keys for unlocking the database.

I am personally still of the belief that passwords are the safest when done right; but 2FA/MFA can greatly increase security on top of that (again, if done right).
The key work work together with already existing passwords, not replace them.

As I use linux as my primary OS I do expect it to support it and anything that doesn't I will have to pass on.

PS: what are the things I need to know about these hardware keys that's not being talked about too much, I am very much delving into new territory and want to make sure I'm properly educated before I delve in.

@linux @[email protected] @[email protected] @privacy #2FA #MFA #yubikey #InfoSec #CyberSecurity

you are viewing a single comment's thread
view the rest of the comments

[–] thisisawayoflife 8 points 6 months ago (2 children)

Look into SoloKeys and NitroKeys and see if there's products from those vendors that fit your needs.

[–] [email protected] 11 points 6 months ago (2 children)

As to why thisisawayoflife recommends these products (over OP's consideration of Yubico), probably because Solo and Nitro keys are open source hardware and firmware.

Nitro is a German company. Yubico is a Swedish company. I can't find where SoloKeys is located. However, the OS nature of Solo and Nitro should make that a little less important.

[–] [email protected] 2 points 6 months ago* (last edited 6 months ago)

In my research, I've found SoloKeys may be a US company. They are headquartered in New Jersey and one Co-founder is in New York City. However, according to their WhoIs data, the domain was registered in Iceland.

From SoloKey's Solo 2A+ NFC Security Key product page "Made and programmed in Europe." https://solokeys.com/products/solo-2a-nfc-security-key?variant=40297992093889

[–] [email protected] 2 points 6 months ago (2 children)

I also recommend Nitrokey. I have a Nitrokey Pro 2 and a Nitrokey 3 NFC and they both work well. Linux support is very good, and they also have good documentation on how to do most stuff you might want to do. +1 for being open-source as well.

[–] [email protected] 1 points 6 months ago

Nitrokey isn't fully open source though. The secure element is proprietary. But that's not their fault, OSS secure elements aren't a thing yet unfortunately, but some companies wanna bring a change in that

[–] [email protected] 1 points 6 months ago

Well I might be ignorant of first principles, but I couldn't get a nitrokey I got for testing to work with anything.

Not that yubikey is easy.