OpenSSH got U2F support - an idea for GnuPG?
tobias.wendorff at tu-dortmund.de
Sat Jan 4 23:19:03 CET 2020
in November 2019, Yubikey released a patch for libfido2, which acts
as a middleware to talk between OpenSSH and U2F/FIDO2 tokens (so it
also works for the older FIDO(1) standard. Actually libfido2 now
"emulates" PKCS#11 (PIV card interface). Also OpenSSH got patched
to talk to U2F tokens now.
Duo wrote a nice article on it:
Would it be possible to use this technique on GnuPG? Sure, it doesn't
suite all security needs. But it could allow anyone with a U2F/FIDO2
token to use GnuPG f.e. for signing?
Would be happy to discuss to pros / cons with you.
More information about the Gnupg-devel