I recently bought a couple of YubiKey security keys. These support FIDO2/U2F, integrate well with #SSH
In researching how to do this, I found a lot of pages online with poor instructions. In many cases, they suggested insecure practices.
It turns out this whole process is quite easy. But I wanted to understand how it worked.
So, I figured it out, set it up myself, and then ut up a new, comprehensive page on my website: https://www.complete.org/easily-using-ssh-with-fido2-u2f-hardware-security-keys/ .
Blog post at https://changelog.complete.org/archives/10815-how-to-use-ssh-with-fido2-u2f-security-keys