pam-u2f
virtual-fido
| pam-u2f | virtual-fido | |
|---|---|---|
| 3 | 15 | |
| 518 | 1,135 | |
| 1.0% | 1.9% | |
| 4.8 | 6.2 | |
| 9 days ago | 14 days ago | |
| C | C | |
| BSD 2-clause "Simplified" License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pam-u2f
virtual-fido
- Tailscale doesn't want your password
-
Passkeys now support external providers
> who the heck would carry a USB key with them??
Why not? I do this. It's no different from any other physical key like a door key, and I keep it on the same keychain too...
> The passkey is usable anywhere (signed up on my desktop, hopped over to my laptop and signed in there with the same passkey).
I don't see how this conflicts with physical tokens like Yubikeys? The tokens help you "remember" the key like how a physical door key helps you "remember" the bitting (which is the real authentication info).
Just like passkeys, U2F can also be done using a virtual U2F device if you so choose (https://github.com/bulwarkid/virtual-fido). And presumably you could create an off-device portable token to store passkeys...
The real problem at the end of the day is just consistent adoption. There's still a ton of 2FA services that don't accept U2F and only use SMS or email codes...
-
Google Introduces Passkey Authentication
If this is FIDO2, then it seems these projects might be useful on Linux...
https://github.com/bulwarkid/virtual-fido
https://bulwark.id/
-
Is there a linux equivalent to Windows Hello?
Suggested solution: https://github.com/bulwarkid/virtual-fido
- On-device WebAuthn and what makes it hard to do well
- GitHub - bulwarkid/virtual-fido: A Virtual FIDO2 USB Device
-
Mozilla claims Apple, Google and Microsoft force users to use default browsers
You can use an open source virtual FIDO device instead of Apple's implementation:
https://github.com/bulwarkid/virtual-fido/
-
Hacker News top posts: Sep 18, 2022
Show HN: A virtual Yubikey device for 2FA/WebAuthN\ (104 comments)
- Show HN: A virtual Yubikey device for 2FA/WebAuthN
What are some alternatives?
hardening - Hardening Ubuntu. Systemd edition.
tpm-fido - A WebAuthn/U2F token protected by a TPM (Go/Linux)
http-observatory - Mozilla HTTP Observatory
PIVert
yubikey-full-disk-encryption - Use YubiKey to unlock a LUKS partition
j40 - J40: Independent, self-contained JPEG XL decoder
bastion - 🔒Secure Bastion implemented as Docker Container running Alpine Linux with Google Authenticator & DUO MFA support
SoftU2F - Software U2F authenticator for macOS
lynis - Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
SoftU2F-Win - Software U2F authenticator for Windows
pam-onelogin - pam-onelogin is a pretty complete pam/nss stack for using OneLogin as authentication source (with MFA) and user/group lookups. Primarily used for SSH.
trabucco - Can launch your 90kg applications for 300m (It's a launcher, like katapult, but better).