Replacing my 2019 Yubico YubiKey 5 NFC and 5Ci with YubiKey 5C NFC variants. This time with a custom #YubiStyle

The Double Rainbow variant will be my daily driver. The Red key will serve as the backup key in case the rainbow variant breaks.

Now migrating all services from my old keys to the new keys. Lucky for me, I have documented all uses of my old keys.

#security #yubikey #otp #openpgp #fido

Damn, #Yubikey migration almost complete...

It's like most people dependent on smartphones for #2FA logins everywhere, but much worse. Smartphone usually has one #authenticator app, everything visible in one place, Yubikeys have various modules inside and I use most of it for many different things.
Authenticator part here is the easiest one, at least I have nice list of accounts/services to display with one simple command. But I have to remember U2F enabled services myself... Or check how many files I encrypted with GPG, or where I could use ssh keys...
Oh, and I use also pam-u2f and have FIDO LUKS login configured...
:blobCat_anxious_sweat:

Seriously, user could become even more dependent in more complex ways...

Why the hell these things don't just support firmware updates?!

Im 2. Teil zeige ich wie man mit #GnuPG #OpenPGP Schlüssel offline erstellt und auf beliebig viele #Smartcard Token wie #Yubikey oder #Nitrokey verschiebt.
Damit ist auch ein #Backup der geheimen Schlüssel möglich

https://cryptomancer.de/posts/20251208-openpgp-mehrere-smartcards/

Ich habe eine kurze bebilderte Anleitung geschrieben wie man mit #Kleopatra und #GnuPG #OpenPGP Schlüssel direkt auf #Smartcards wie #Yubikey #Token2 oder #Nitrokey erstellt

https://cryptomancer.de/posts/20251207-openpgp-smartcards/

It’s one of the days when I receive an unexpected Apple two-factor request so I change the password for my #AppleID, log out every device connected to it to discover that my iPhone does not like to talk to my #Yubikey.
(But the rest of the devices work.)

Wow, getting SSH set up *resiliently* for #Yubikey (FIDO2) auth was more work than I expected. Got it working, though!

@leckse Should I use my socialsecuritynr instead ?
Or one of those -totally-not-fallible #yubikey / securitykey ?

How bout fingerprints ?
Or maybe my #retina ?

I just realized that I can now use an SSH key to sign my commits with #Git (and therefore on #GitHub) 🤯

Made the set-up with my #Yubikey way easier, the struggle with GPG was real.

@hsanhalt Vielleicht kann uns die @hsanhalt dann mal an der @uni-magdeburg.de beraten, wie man einen Single-Sign-On für die universitären IT-Dienste wie E-Mail, Cloud oder Moodle mit einem zweiten Faktor schützt (wie z.B. einem #YubiKey, den ich jedoch rein privat nutze).
Wir nutzen nämlich keine #2FA sondern vertrauen rein auf einen Benutzernamen und ein Passwort, das selbstredend für alle Dienste gleich ist, auch für den WLAN-Zugang.

https://github.com/gitbls/sdm update enables #yubikey to unlock encrypted rootfs partitions.

#raspberrypi

Nachdem die Nitrokey 3A Mini offenbar so billig produziert sind, dass mir gestern einer beim simplen Abziehen von einem etwas festeren USB Port in seine Einzelteile zerfallen ist, habe ich beschlossen, auch den anderen einzumotten und komplett zurück zu Yubikey zu wechseln. Die Dinger sind unkaputtbar und auch IP68 zertifiziert. Nutze ich schon seit >15 Jahren ohne jegliche Probleme.

An sich mag ich den Open Source- und Transparenz-Gedanken, unterstütze das auch aktiv, aber wenn die physische Qualität dermaßen unterirdisch ist wie beim Nitrokey 3A Mini (die anderen kann ich nicht beurteilen), dann hilft mir das auch nicht. So ein Security Key ist einigermaßen zentral, der darf nicht einfach so zerfallen bei normaler Nutzung.

#Yubikey #Nitrokey #SecurityKey #Security #FIDO2

Ok, I got the #Yubikey unlock for #LUKS working.
Problem is, it still needs my password initially for #Grub, which means it's kinda pointless, as grub needs the entire root disk unencrypted to get to /boot 😞

@DerEntspannende
#YubiKey is #unfree and restricts your #freedom . @nitrokey promotes and is #openSource / #openhardware and has #blackfriday & Saturday (November 28-29) a 10% discount on all products: https://www.nitrokey.com/news/2025/our-black-friday-special-%E2%80%93-10-discount-everything
#fido #openpgp #coreboot #grapheneos #nextcloud

if anyone was planning to get some more yubikeys now might be a good time they are currently running a Black Friday discount on the 5 series which is even better than their student discount

#tech #yubikey #security #pgp #fido

#BlackFriday Sale at Yubico: 30% off the #YubiKey 5 NFC and 5C NFC (Limit 4 Total)
https://www.yubico.com/de/store/2025/black-friday-sale/

RE: https://infosec.exchange/@BleepingComputer/115611930841493640

Considered a #Yubikey hardware security key but not taken the plunge. 30% off in their Black Friday sale: https://www.yubico.com/gb/store/2025/black-friday-sale/

Also #Protonmail (which I use for cloud-based email - based in Switzerland - that isn't sucking your data, along with their #ProtonPass password manager) have some good intro offers: https://proton.me/mail/black-friday

For some other security related #BlackFriday discounts check out https://fosstodon.org/@BleepingComputer@infosec.exchange/115611930882143073

[EDIT: Yay - quote toots are now working on @fosstodon!]

Just a quick reminder that @yubico is offering 30% off the #Yubikey 5 NFC and 5C NFC (for Czechs: in #Alza it's even 36% off) until Dec 1, so now is the perfect time to make your life more secure.

https://www.yubico.com/store/2025/black-friday-sale/

#BlackFriday

The Yubico Black Friday sale is on. 30% discount on the 5 NFC and 5C NFC. #Yubico #YubiKey #Passkeys
https://www.yubico.com/store/2025/black-friday-sale/

Why doesn't my #yubikey work as #ssh key under #ArchLinux ?

- pcscd must be running
- ccid needs to be installed
- (maybe???) user needs to be part of pcscd

Joost van Dijk from @yubico tells us about #OpenSSH combined with the #FIDO standard at the @nluug #najaarsconferentie. This info applies on any FIDO #securitykey, not just #yubikey.

#opensourceconference #Linuxconference #conference #conferentie #NLUUG #nluug25nj #hardwarekey