Our great sponsors
-
keepassxc
KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
I use strongbox[1] on iOS and it has a feature to print off your entire database (automatically formats everything). The passwords are stored in a standard kdbx file that you can sync manually or use drive, iCloud, etc. KeepassXC[2] has browser extensions and cross-platform apps and pairs well with strongbox. (No print feature afaik) Both apps are open-source.
[1] https://strongboxsafe.com/
Is this the Symantec script you're referring to? https://github.com/dlenski/python-vipaccess
See https://github.com/rubygems/rubygems.org/pull/2865 for the web part
> From the replies it sounds like this is talking about client software?
Yes the command line is a client to the rubygems server
> An unattended client should not be able to do WebAuthn as the whole point is that a human is present and authorising the authentication step
You either need a PIN, a fingerprint, a press, or no action just owning the device or the software.
> if I have 100% full of Bob's device I still can't touch the sensor or button to authenticate as Bob.
If you have a perfect copy of a Yubikey or the same fingerprint you should be able to authenticate I think
> OpenSSH works with Yubikeys
Nice, I will look into it