[koolba]

Can the $10 keys be used for GPG and SSH key unlocking or just something web authn specific?

[jgrahamc]

It's the "Yubico Security Key" (https://www.yubico.com/pt/product/security-key-nfc-by-yubico...) which supports: WebAuthn, FIDO2 CTAP1, FIDO2 CTAP2, Universal 2nd Factor (U2F). So, should work.

[akerl_]

Just to clarify: they don’t have the GPG applet. They can do SSH auth via the new fido2 support, but not via older methods like x509 RSA keys or GPG-as-an-ssh-key

[Avamander]

x509 certificates (PIV applet) can be elliptic as well, just to clarify.

[akerl_]

True. I always forget because they can’t (to my knowledge) use ed25519, just ecdsa.

[tmottabr]

No, the e-mail i got from them say it is the Yubico 5 NFC or the Yubico 5C NFC

that does have PIV and PGP modules.

https://www.yubico.com/br/product/yubikey-5-nfc/ https://www.yubico.com/br/product/yubikey-5c-nfc/

[yencabulator]

You can use PIV for SSH just fine.

It's not OpenSSH's weird FIDO mode, but I don't like the FIDO mode anyway because it requires storing a file on the computer.

https://github.com/FiloSottile/yubikey-agent

[smileybarry]

They're the normal "Security Key NFC" version, so just FIDO2/WebAuthn uses. But you can generate FIDO2-based SSH hardware keys on them: https://news.ycombinator.com/item?id=31556130

[smileybarry]

I just got the email and they’re the full YubiKey 5/5C NFC ones, so this is actually a really good deal.

[bogantech]

Yep I just got the email and it's an offer for the full yubikey 5/5c models