[arch-general] How long do you make the passphrase for the private key?

Ben Oliver ben at bfoliver.com
Tue Jun 25 08:56:36 UTC 2019


On 2019-06-25 09:35:53, Ralph Corderoy wrote:
>Yes, they exist.
>https://www.imperialviolet.org/2018/03/27/webauthn.html is a
>comprehensive introduction that will give you terms to feed Google, and
>his https://www.imperialviolet.org/2017/08/13/securitykeys.html compares
>some of the keys then on the market.  Yubico do well, IIRC.

FWIW I can also vouch for the NitroKey Pro. It's not U2F, but then 
barely anything I use supports U2F.

You can store TOTPs on it for 2 Factor (but it's limited to 15, which is 
not enough for me, so I'm still using andOTP on my phone...).

The main use I have for it is as a GPG smartcard. It lets you carry your 
GPG key around with you everywhere, or a subkey if you wish.

This unlocks loads of possibilities, like being able to decrypt my 
password store, signing and encrypting emails, files etc etc. I also use 
it for SSH authentication.

It's allowed me to use GPG a lot more than I otherwise would have.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/arch-general/attachments/20190625/f1fd463d/attachment.sig>


More information about the arch-general mailing list