The generated FIDO keys with "[...]-sk" are hardware-only too, the "key" you load is only an "identifier" associating the onboard passkey, allowing you to add it on multiple computers but still requiring the FIDO key present to use[1]:
> ssh-keygen(1) may be used to generate a FIDO token-backed key, after which they may be used much like any other key type supported by OpenSSH, so long as the hardware token is attached when the keys are used. FIDO tokens also generally require the user explicitly authorise operations by touching or tapping them.
> [...]
> This will yield a public and private key-pair. The private key file should be useless to an attacker who does not have access to the physical token. After generation, this key may be used like any other supported key in OpenSSH and may be listed in authorized_keys, added to ssh-agent(1), etc. The only additional stipulation is that the FIDO token that the key belongs to must be attached when the key is used.
IMO the baseline Security Key ($20) series is now enough, unless your setup uses PGP, legacy SSH that doesn't support these key types, or if you're using a real certificate for e.g. code signing.
1: https://www.openssh.org/txt/release-8.2#:~:text=The%20privat...
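An added example, not part of the comment above or of OpenSSH: a Python check that walks authorized_keys lines and reports which entries are FIDO token-backed, based on the two "-sk" key type names and the length-prefixed layout of the public key blob. The helper names and the sample lines (zeroed key bytes) are constructed for illustration.

```python
import base64

# Key type names OpenSSH uses for FIDO token-backed ("-sk") public keys.
SK_TYPES = {"sk-ssh-ed25519@openssh.com", "sk-ecdsa-sha2-nistp256@openssh.com"}

def read_strings(blob):
    """Split an SSH wire-format blob into its length-prefixed strings."""
    out, off = [], 0
    while off < len(blob):
        n = int.from_bytes(blob[off:off + 4], "big")
        if off + 4 + n > len(blob):  # also catches a truncated length field
            raise ValueError("truncated blob")
        out.append(blob[off + 4:off + 4 + n])
        off += 4 + n
    return out

def classify(line):
    """Return (key_type, fido_backed, application), or None if no key is found."""
    fields = line.split()
    # Options may precede the key type, so look for "<type> <base64 blob>"
    # where the blob's first string repeats the type name.
    for name, b64 in zip(fields, fields[1:]):
        try:
            parts = read_strings(base64.b64decode(b64, validate=True))
        except ValueError:  # not base64, or not a well-formed blob
            continue
        if parts and parts[0] == name.encode():
            if name in SK_TYPES:
                # For both -sk types the application string is the last field.
                return name, True, parts[-1].decode(errors="replace")
            return name, False, None
    return None

def non_fido_entries(lines):
    """List the key types of active entries that are not bound to a token."""
    results = (classify(l) for l in lines if not l.lstrip().startswith("#"))
    return [r[0] for r in results if r and not r[1]]

def _entry(name, *rest, prefix="", comment="user@host"):
    """Build a constructed authorized_keys line with placeholder key bytes."""
    blob = b"".join(len(s).to_bytes(4, "big") + s for s in (name.encode(),) + rest)
    return f"{prefix}{name} {base64.b64encode(blob).decode()} {comment}"

# Constructed sample file: zeroed key material, not real keys.
SAMPLE = [
    _entry("sk-ssh-ed25519@openssh.com", bytes(32), b"ssh:"),
    _entry("sk-ecdsa-sha2-nistp256@openssh.com", b"nistp256", bytes(65), b"ssh:",
           prefix='from="192.0.2.10" '),
    _entry("ssh-ed25519", bytes(32)),
]
```

Run over a real file, `non_fido_entries(open(path))` lists the entries whose private key is an ordinary file rather than an identifier tied to a physical token.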