[aborsy]

Do phone apps support Yubikey?

[FrenchyJiby]

Yes!

Termux[0] does supports gpg and pass but no yubikey by default, but okc-agent[1] is a third party binding of OpenKeyChain, providing barebones gpg via yubikey. I use this to decrypt passwords via NFC:

[0]: https://termux.org [1]: https://github.com/DDoSolitary/OkcAgent

Simple password decrypt: okc-gpg -d ~/.password-store/mypass.gpg

I made a termux shortcut (button on homescreen) to emulate pass-dmenu via this ( store in ~/.shortcuts):

  #!/data/data/com.termux/files/usr/bin/env bash

  # Lists passwords in termux dialog, decrypting selection to clipboard for 45s

  # http://redsymbol.net/articles/unofficial-bash-strict-mode/
  set -euo pipefail

  # Inspired by https://git.zx2c4.com/password-store/tree/contrib/dmenu/passmenu
  shopt -s nullglob globstar

  prefix=${PASSWORD_STORE_DIR-~/.password-store}
  password_files=( "$prefix"/**/*.gpg )
  password_files=( "${password_files[@]#"$prefix"/}" )
  password_files=( "${password_files[@]%.gpg}" )

  password_files_csv=$(printf '%s,' "${password_files[@]}")
  choice_json=$(termux-dialog sheet -t "Select password" -v "$password_files_csv")

  choice_exit=$(echo "$choice_json" | jq .code)
  [[ "$choice_exit" == 0 ]] ||  exit

  password=$(echo "$choice_json" | jq .text | tr -d '"')

  okc-gpg -d ~/.password-store/"$password".gpg 2>/dev/null | head -n 1 | termux-clipboard-set
  # pass show -c "$password" 2>/dev/null
  termux-toast -s "Password copied to clipboard"
  sleep 46
  termux-clipboard-set ""
  termux-toast -s "Password remove from clipboard"

[freedomben]

Slightly OT but this is yet another example of why Termux is the killer app for Android. I didn't use to think there was much difference between iOS and Android until I discovered Termux.

[nulbyte]

Most apps delegate PGP functionality to OpenKeychain, which works with Yubikeys. I use a Yubikey 5 NFC and the Password Store app from F-Droid.

[PureParadigm]

The Password Store app delegates key management to another app. I use OpenKeychain [1] for this. I believe OpenKeychain supports Yubikeys, but I haven't used that feature myself so I can't speak about how well it works.

[1] https://www.openkeychain.org/

[GekkePrutser]

It works perfectly both over NFC and USB either OTG micro USB or USB-C.

I only use hardware keys now.

[eptcyka]

It supports PGP keys stored on yubikeys via OpenKeychain. There's talks of removing support for OpenKeychain in lieu of a homegrown implementation since OKC develoent has lost velocity. And their library interface can be a bit cumbersome.