The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Top 3 Go piv Projects
-
piv-agent
An SSH and GPG agent which you can use with your PIV hardware security device (e.g. a Yubikey).
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
yubisigner
YubiSigner provides a convenient way to sign and securely verify file signatures with Yubico YubiKey, utilizing an organization's PKI infrastructure.
This is a great idea. I now exclusively use SSH keys on hardware security modules of some kind. I use "Secretive", a mac app that does the same, plus a yubikey using yubikey-agent (https://github.com/FiloSottile/yubikey-agent; there are too many complicated ways to use SSH keys with a yubikey this is one of the friendliest ones). Depending on the security and frequency of which I access the service impacts whether I need presence confirmation or use secretive versus the yubikey.
I would be remiss to mention there are existing SSH TPM projects, not sure how this one differentiates. It seems to at least have the user experience pretty simple, similar to yubikey-agent (and secretive), and unlike some of the existing solutions which have quite a few extra steps:
Go piv related posts
- Yubikey ssh keys with Ansible, wants to be touched constantly
- Is it possible to use AGE with a Ledger hardware device?
- Cloudflare Hardware Keys (Yubico Partnership)
- Am I the only one who's nervous when SSH-agent forwarding?
- Failed to fetch key with ECDSA keys via libykcs11.dll
- What do you use for SSH?
- MX204 and MFA
-
A note from our sponsor - WorkOS
workos.com | 19 Apr 2024
Index
What are some of the best open-source piv projects in Go? This list will help you:
Project | Stars | |
---|---|---|
1 | yubikey-agent | 2,564 |
2 | piv-agent | 73 |
3 | yubisigner | 7 |