Hacker News new | ask | show | jobs
by pipe_connector 1052 days ago
Doesn't this only solve the problem for resources I am accessing over SSH? What about if I wanted to access something over HTTP like my web browser does?
3 comments
deng 1052 days ago
That is correct. If you actually use a browser remotely, you would need to use something like RDP with the WebAuthn Virtual Channel enabled, which unfortunately I think is currently only available by Microsoft. Some remote control software like Teamviewer has USB passthrough, but I've no idea if that works with Yubikeys (I doubt it).

So yes, working with what I'd call a "thin client setup" is something where Yubikeys are probably not a good fit, unless the protocol for that setup would support some kind of direct USB forward that actually works with Yubikeys...

link
stevekemp 1052 days ago
Install a HTTPS? proxy on the work-machine, and configure the other host to use that?

All requests would then route via the work-computer.

But honestly? Use the work computer, and if it isn't good enough ask for a better machine and let somebody else take care of it.

link
NovemberWhiskey 1052 days ago
But seriously what do you do for that case if the resource requires password authentication via an OIDC redirect or whatever?
link