[travisby]

After going back and forth on whether I wanted a Yubikey, I finally decided I didn't want to support them due to the closed sourceness.

I bought an Open PGP Card instead! https://www.g10code.com/p-card.html

You still have to buy your own card reader, and any card readers on the market aren't as small as the Yubikey... but it's a fantastic device and I love mine to death.

Note: the yubikey actually uses the open pgp card inside of it (which the actual implementation from the chip supplier is hardware-closed-source, although the reference architecture is open). The nitrokey too. They technically all have closed source with the BasicCard that runs inside them! With that in mind the secret-sauce of the yubikey is also closed source, where there's no secret sauce around your OpenPGP Card to be closed source.

[simias]

That's sound advice but I'd like to point out that this Open PGP card appears to only support 2048bit keys while some (but not all!) yubikeys and nitrokeys support 4096bit.

I suppose nowadays 2048bit is more than enough but I like the extra safety and "future-proofness" of a 4096bit key.

[travisby]

I'm definitely with you, and don't advocate for 2048 bit keys anymore. That being said...

The older versions of the card only supported 2048bit keys. The 2.0 version and above support 4096 :)

I personally generated my RSA4096bit key on the card!

[jans23]

Most (but not all) code of the OpenPGP Card (for BasicCard) is available as open source and can be downloaded here: http://g10code.com/p-card.html