|
|
|
|
|
|
by Adutude
2871 days ago
|
|
|
This article is good as far as UX goes. Myself, I love my Yubikey. I use it to store my ssh keys, then tunnel them using ssh-agent/gpg-agent, something along the lines of this article. https://www.bootc.net/archives/2013/06/09/my-perfect-gnupg-s... and this article https://wiki.gnupg.org/AgentForwarding. It's set up so that you have to have the key to get into the bastion host first, then you have to tunnel your key through the bastion to get to the other side. If you remove the key it breaks your connection. A good way to ssh w/out having your private keys sitting on a disk. |
|
|