Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Go Smartcard Projects
-
This is a great idea. I now exclusively use SSH keys on hardware security modules of some kind. I use "Secretive", a mac app that does the same, plus a yubikey using yubikey-agent (https://github.com/FiloSottile/yubikey-agent; there are too many complicated ways to use SSH keys with a yubikey this is one of the friendliest ones). Depending on the security and frequency of which I access the service impacts whether I need presence confirmation or use secretive versus the yubikey.
I would be remiss to mention there are existing SSH TPM projects, not sure how this one differentiates. It seems to at least have the user experience pretty simple, similar to yubikey-agent (and secretive), and unlike some of the existing solutions which have quite a few extra steps:
-
If that project https://github.com/buptczq/WinCryptSSHAgent had a pin timeout, it would be the perfect Windows ssh agent. It support named pipe, pagent shared memory and a UNIX socket under WSL2 using Hyper-V and socat.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
Go Smartcard related posts
- Yubikey ssh keys with Ansible, wants to be touched constantly
- Is it possible to use AGE with a Ledger hardware device?
- Cloudflare Hardware Keys (Yubico Partnership)
- Am I the only one who's nervous when SSH-agent forwarding?
- Failed to fetch key with ECDSA keys via libykcs11.dll
- Use PIV for SSH without PIN/touch?
- YubiKey 5 - Certificates and signing
-
A note from our sponsor - InfluxDB
www.influxdata.com | 29 Mar 2024
Index
Project | Stars | |
---|---|---|
1 | yubikey-agent | 2,551 |
2 | WinCryptSSHAgent | 515 |