|
|
|
|
|
|
by TacticalCoder
188 days ago
|
|
|
> Currently, I have my ssh key on the laptop ... My SSH keys aren't on my computer: they're safely hidden on a hardware token, behind a secure element, like a Yubikey. Devices like the Yubikey do precisely exist because computers aren't things to be trusted. So their reason for being is to offer a minimal attack surface. When I git fetch/pull/push I just do it. But it requires me to physically use my Yubikey. It's not 100% foolproof but it's way better than having SSH keys only protected by a password. So Git over SSH, on a Git/SSH server that supports Yubikeys. |
|
|