[roblabla]

> Let's start with SSH. It's just plain unstable. If you try to set this up, you WILL have constant stability problems. I can assure you I have both personally experienced them and asked several other people who have attempted it to confirm that they too have various timeouts or other errors.

This has not been my personal experience at all. I've used this setup (Yubikey as SSH key) for 4 years now, and by "using it" I mean being connected on SSH 24/7, connecting every day, sometimes multiple times, from and to multiple machines. I have a USB drive on which I store a gpg binary for MacOS and Windows, allowing me to easily SSH from any machine.

GPG is a tire fire, I will give you that. But for the small subset of GPG that we need for yubikey+ssh, it can be made to work OK. You just need the latest version of GPG (2.1), have pcsc-lite and scdaemon installed and running, and put "enable-ssh-support" and "use-standard-socket" in your ~/.gnupg/gpg-agent.conf. This is not hard, and can be done in a 100% portable and sudoless fashion.

As for SSH, I'm not sure why you think it's a tire fire ? SSH works really well for its use-case. It might have problem if your internet connection sucks (like on mobile connections), in which case you can and should use mosh, which still works with this exact Yubikey setup (mosh initiates the connection and authenticates over SSH, and then establishes a UDP connection for the rest of the session).