🧿🪬🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸<p><span class="h-card" translate="no"><a href="https://mastodon.social/@pupeno" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>pupeno</span></a></span> kinda feels like <a href="https://mastodon.social/tags/passkeys" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>passkeys</span></a> ought to stay encrypted by a device's secure enclave. Those seem a lot more safe. Passkeys don't feel like much of an improvement over OTP on my <a href="https://mastodon.social/tags/Yubikey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Yubikey</span></a>, so I haven't switched yet.</p>
shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.
Administered by:
Server stats:
264active users
shakedown.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.2
#yubikey
1 post · 1 participant · 0 posts today
Sass, David<p>Me: Uhh a <a href="https://infosec.exchange/tags/YubiKey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>YubiKey</span></a> let's add it to my <a href="https://infosec.exchange/tags/EntraID" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EntraID</span></a> account</p><p>Microsoft: NOT SO FAST</p><p>Me: 🤬🤬🤬</p>
Bryan Whitehead<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@tychotithonus" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>tychotithonus</span></a></span> <br>They are totally blowing the opportunity to have a pumpkin spice <a href="https://macaw.social/tags/YubiKey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>YubiKey</span></a></p>
Jonatan<p>With USB/IP, I can now use my YubiKey remotely via SSH in the same way as I was sitting in front of my machine. Both in early boot stage (initrd); unlocking LUKS encrypted filesystem, and in booted system stage; signing git commits and authenticate to GitHub. Great! But what about using FIDO2/WebAuthn via RDP to log in to web services? USB redirection is not supported for xrdp. Is there any workarounds coming up to for example redirect WebAuthn from one machine to another?</p><p><a href="https://defcon.social/tags/yubikey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>yubikey</span></a> <a href="https://defcon.social/tags/fido2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fido2</span></a> <a href="https://defcon.social/tags/usbip" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>usbip</span></a> <a href="https://defcon.social/tags/rdp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rdp</span></a> <a href="https://defcon.social/tags/nixos" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nixos</span></a> <a href="https://defcon.social/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a></p>
Maikel 🇪🇺 🇪🇸<p>Trick 1: If you use the latest and greatest Bitwarden from UNSTABLE channel of Nixos you get this very HANDY option that allows you to never have to open and close again and again and again Bitwarden Desktop (just leave it started) to SSH into any of the servers you store the keys on Bitwarden. <br>It has to be the version from unstable channel though. </p><p>Trick 2: If you enable master password re-prompt and your unlocking mechanism of Bitwarden vault is a yubikey you enjoy super-extra-mega security then. You might like this option <span class="h-card" translate="no"><a href="https://bsd.network/@dch" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>dch</span></a></span> </p><p>Now these two settings merge conveniency and security. </p><p><a href="https://vmst.io/tags/Bitwarden" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Bitwarden</span></a> <a href="https://vmst.io/tags/Yubikey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Yubikey</span></a></p>
shac ron ₪<p>It would be nice if my <a href="https://ioc.exchange/tags/yubikey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>yubikey</span></a> stopped murdering my MacBook battery while it’s sleeping</p>
Zack Weinberg<p>I'm betting the answer here is "this isn't possible" but if anyone knows how to tell OpenSSH that when it's enumerating pubkeys it should check which of the two known authentication dongles is actually plugged into the computer, and only prompt me to unlock the SK key that belongs to that dongle, not both of them, please tell me how.</p><p><a href="https://masto.hackers.town/tags/openssh" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>openssh</span></a> <a href="https://masto.hackers.town/tags/yubikey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>yubikey</span></a></p>
🧿🪬🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸<p>Explain <a href="https://mastodon.social/tags/passkeys" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>passkeys</span></a> to me like I'm your grandparents.</p><p><a href="https://mastodon.social/tags/2fa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>2fa</span></a> <a href="https://mastodon.social/tags/authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authentication</span></a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://mastodon.social/tags/fido" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fido</span></a> <a href="https://mastodon.social/tags/webauthn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webauthn</span></a> <a href="https://mastodon.social/tags/fido2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fido2</span></a> <a href="https://mastodon.social/tags/otp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>otp</span></a> <a href="https://mastodon.social/tags/yubikey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>yubikey</span></a> <a href="https://mastodon.social/tags/password" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>password</span></a> <a href="https://mastodon.social/tags/auth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>auth</span></a></p>
JayVii<p>Does anyone have experience with either <a href="https://social.jayvii.de/tags/Yubikey" class="hashtag" rel="nofollow noopener" target="_blank">#Yubikey</a>, <a href="https://social.jayvii.de/tags/Nitrokey" class="hashtag" rel="nofollow noopener" target="_blank">#Nitrokey</a> or any other hardware security token for both <a href="https://social.jayvii.de/tags/MFA" class="hashtag" rel="nofollow noopener" target="_blank">#MFA</a>/<a href="https://social.jayvii.de/tags/2FA" class="hashtag" rel="nofollow noopener" target="_blank">#2FA</a> as well as <a href="https://social.jayvii.de/tags/encryption" class="hashtag" rel="nofollow noopener" target="_blank">#encryption</a> via <a href="https://social.jayvii.de/tags/PGP" class="hashtag" rel="nofollow noopener" target="_blank">#PGP</a>/<a href="https://social.jayvii.de/tags/GPG" class="hashtag" rel="nofollow noopener" target="_blank">#GPG</a> or <a href="https://social.jayvii.de/tags/SMIME" class="hashtag" rel="nofollow noopener" target="_blank">#SMIME</a>?</p><p>In particular, I am looking at the <a href="https://shop.nitrokey.com/de/shop/nk3an-nitrokey-3a-nfc-147?search=nitrokey+3#attr=" rel="nofollow noopener" target="_blank">Nitrokey 3A NFC</a>. As far as I can tell, Yubico only sells <a href="https://social.jayvii.de/tags/MFA" class="hashtag" rel="nofollow noopener" target="_blank">#MFA</a> tokens(?), unless the <a href="https://www.yubico.com/de/product/yubikey-5-fips-series/yubikey-5-nfc-fips/" rel="nofollow noopener" target="_blank">YubiKey 5 FIPS Series</a> can hold encryption keys as well?</p><p>Both price and open hardware aspect definitely speak for Nitrokey, but I do not know anyone who owns such a token... Anyone who I can talk to?</p>
Royce Williams<p>TIL that Pure Storage issues YubiKeys branded with their logo!</p><p>(eBay, not my listing:)</p><p><a href="https://www.ebay.com/itm/135898756327" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">ebay.com/itm/135898756327</span><span class="invisible"></span></a></p><p>Interesting: Just over the side of the logo, the phrase "NO NFC" is seen (not sure if an add-on label, or part of the logo). NFC-enabled keys ship with NFC disabled by default until first power-up (and can be re-disabled in <code>ykman</code> <code>-R</code> / <code>--restrict</code> option):</p><p><a href="https://www.yubico.com/getting-started/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">yubico.com/getting-started/</span><span class="invisible"></span></a></p><p>... so I'm not sure if this means NFC is <em>permanently</em> disabled, but it seems likely. Will update when I get one.</p><p><a href="https://infosec.exchange/tags/YubiKey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>YubiKey</span></a></p>
The Chris Dantes<p>Fuck <a href="https://social.linux.pizza/tags/Authy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authy</span></a>. Fuck it in it's stupid ass. They got rid of the desktop version. Fine. It sucks, but I could deal with it. Then they dropped support for <a href="https://social.linux.pizza/tags/GrapheneOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GrapheneOS</span></a>. Meaning I'm locked out of everything. Luckily I have a <a href="https://social.linux.pizza/tags/YubiKey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>YubiKey</span></a> so I can get into most things. I guess it's time to move to something else.</p>
Mad A. Argon :qurio:<p>I realized I didn't wear <a href="https://is-a.cat/tags/yubikey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>yubikey</span></a> on chain on my neck for 8 days (because of circumstances). And this is absolutely record for me, it was never so long until now!<br>Does it mean I have a problem? :neofox_laugh_tears_256:</p><p>I have it on me now. I couldn't feel so... naked? without armor? anymore.</p><p><a href="https://is-a.cat/tags/nerd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nerd</span></a> <a href="https://is-a.cat/tags/MagicalThinking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MagicalThinking</span></a></p>
Ölbaum<p>So, <a href="https://tooting.ch/tags/passkey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>passkey</span></a> question:</p><p>Is it possible that a web site that has been supporting YubiKeys for a while would automatically support Safari’s and 1Password’s passkeys, by means of it being webauthn in both cases, or at least appear to support them, even if it fails later?</p><p>That would explain some of the ignorance of customer service agents when you point out how their passkey implementation is broken.</p><p><a href="https://tooting.ch/tags/passkeys" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>passkeys</span></a> <a href="https://tooting.ch/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://tooting.ch/tags/webauthn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webauthn</span></a> <a href="https://tooting.ch/tags/YubiKey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>YubiKey</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mk.absturztau.be/@Linux" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Linux</span></a></span> there are 3 big options you forgot that I know of which too ain't under <a href="https://infosec.space/tags/Cloudact" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cloudact</span></a> aka. have no subsidiary/office/parent company in the <a href="https://infosec.space/tags/USA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USA</span></a>: </p><ul><li><span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>monocles</span></a></span> (email, messaging, managed <a href="https://infosec.space/tags/nextcloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nextcloud</span></a> hosting)</li><li><span class="h-card" translate="no"><a href="https://mstdn.social/@Stuxhost" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Stuxhost</span></a></span> (eMail & <span class="h-card" translate="no"><a href="https://mastodon.xyz/@nextcloud" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>nextcloud</span></a></span> )</li><li><span class="h-card" translate="no"><a href="https://social.nitrokey.com/@nitrokey" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>nitrokey</span></a></span> (a better alternative to <span class="h-card" translate="no"><a href="https://infosec.exchange/@yubico" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>yubico</span></a></span> / <a href="https://infosec.space/tags/Yubikey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Yubikey</span></a>) </li></ul><p>And for <a href="https://infosec.space/tags/PasswordManagers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PasswordManagers</span></a>, there's also <a href="https://infosec.space/tags/Enpass" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Enpass</span></a> for those that don't like <a href="https://infosec.space/tags/KeePassXC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KeePassXC</span></a> / <a href="https://infosec.space/tags/KeepPassDX" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KeepPassDX</span></a> / <a href="https://infosec.space/tags/KeePass" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KeePass</span></a> and for organizations there's even <a href="https://infosec.space/tags/Passbolt" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Passbolt</span></a> as a centrally manageable solution. All of these allow <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfCustody</span></a> & <a href="https://infosec.space/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHosting</span></a> on-premise.</p>
Robyn<p>Mein <a href="https://chaos.social/tags/yubikey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>yubikey</span></a> wird in <a href="https://chaos.social/tags/keepassxc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keepassxc</span></a> nicht mehr erkannt bzw erkannt aber nicht mehr gelesen. 😥😵💫🙈</p><p><a href="https://chaos.social/tags/PCSC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PCSC</span></a> läuft. Hab das auch nochmal neu installiert. Aber hat nichts gebracht. 😵💫</p><p>Hat jemensch eine Idee wie ich das fixen könnte? 😅🙈<br><a href="https://chaos.social/tags/eh22" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>eh22</span></a></p>
Privacy Guides<p>If you are looking for a good password manager you can use from anywhere, there are plenty of excellent options to choose from. However, if you prefer to only store your passwords locally, KeePassXC is what you need. In our latest tutorial, we'll walk through setting up KeePassXC to work with your YubiKey as an additional factor to secure your local-only password database.</p><p><a href="https://www.privacyguides.org/articles/2025/03/18/installing-keepassxc-and-yubikey/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">privacyguides.org/articles/202</span><span class="invisible">5/03/18/installing-keepassxc-and-yubikey/</span></a></p><p><a href="https://mastodon.neat.computer/tags/KeePassXC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KeePassXC</span></a> <a href="https://mastodon.neat.computer/tags/YubiKey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>YubiKey</span></a> <a href="https://mastodon.neat.computer/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://mastodon.neat.computer/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privacy</span></a> <a href="https://mastodon.neat.computer/tags/KeePass" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KeePass</span></a> <a href="https://mastodon.neat.computer/tags/KeePassX" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KeePassX</span></a> <a href="https://mastodon.neat.computer/tags/PrivacyGuides" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PrivacyGuides</span></a> <a href="https://mastodon.neat.computer/tags/Article" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Article</span></a></p>
Cyberduck 🐣<p>New tutorial on how to connect to SFTP with private key stored on <a href="https://fosstodon.org/tags/YubiKey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>YubiKey</span></a> <a href="https://docs.cyberduck.io/tutorials/sftp_publickeyauth_yubikey/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">docs.cyberduck.io/tutorials/sf</span><span class="invisible">tp_publickeyauth_yubikey/</span></a></p>
Em :official_verified:<p>New Privacy Guides article 🔑✨<br>by me: </p><p>If you are using a YubiKey, </p><p>you might get in some situations where you need to reset your key to factory default, and/or set up a backup of it on a spare key.</p><p>This tutorial will guide you <br>through each step to reset and back up your YubiKey successfully, with clear instructions and plenty of visual support.</p><p>I hope you find it helpful!</p><p><a href="https://www.privacyguides.org/articles/2025/03/06/yubikey-reset-and-backup/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">privacyguides.org/articles/202</span><span class="invisible">5/03/06/yubikey-reset-and-backup/</span></a></p><p><a href="https://infosec.exchange/tags/PrivacyGuides" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PrivacyGuides</span></a> <a href="https://infosec.exchange/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privacy</span></a> <a href="https://infosec.exchange/tags/Yubico" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Yubico</span></a> <a href="https://infosec.exchange/tags/YubiKey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>YubiKey</span></a> <a href="https://infosec.exchange/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://infosec.exchange/tags/OTP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OTP</span></a> <a href="https://infosec.exchange/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenPGP</span></a> <a href="https://infosec.exchange/tags/Encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Encryption</span></a> <a href="https://infosec.exchange/tags/MFA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MFA</span></a></p>
Privacy Guides<p>Always remember, when it comes to hardware security keys: Two is one, one is none.</p><p>Our latest article covers the setup process for two YubiKeys (from Yubico's YubiKey 4 or 5 series) to keep your online accounts safe and secure 🔒 + it goes through resetting your existing keys to a blank slate, and the reasons you might want to do so!</p><p><a href="https://www.privacyguides.org/articles/2025/03/06/yubikey-reset-and-backup/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">privacyguides.org/articles/202</span><span class="invisible">5/03/06/yubikey-reset-and-backup/</span></a></p><p><a href="https://mastodon.neat.computer/tags/YubiKey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>YubiKey</span></a> <a href="https://mastodon.neat.computer/tags/HardwareSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HardwareSecurity</span></a> <a href="https://mastodon.neat.computer/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privacy</span></a> <a href="https://mastodon.neat.computer/tags/Yubico" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Yubico</span></a> <a href="https://mastodon.neat.computer/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://mastodon.neat.computer/tags/PrivacyGuides" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PrivacyGuides</span></a> <a href="https://mastodon.neat.computer/tags/Article" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Article</span></a></p>
David Nelson<p>People who use hardware security keys: Storing them in geographically diverse locations is a wise move but makes it impossible to quickly onboard. How do you keep track of where you’ve registered each key? A checklist in a spreadsheet is obvious but cumbersome. Is there a better way? (Yes I use passkeys extensively but for certain services like email, iCloud, and my password manager, a hardware option is desirable if not mandatory.) <a href="https://mastodon.social/tags/YubiKey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>YubiKey</span></a> <a href="https://mastodon.social/tags/YubiKeys" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>YubiKeys</span></a> <a href="https://mastodon.social/tags/FIDO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FIDO</span></a> <a href="https://mastodon.social/tags/FIDO2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FIDO2</span></a> <a href="https://mastodon.social/tags/FIDOKey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FIDOKey</span></a> <a href="https://mastodon.social/tags/FIDOKeys" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FIDOKeys</span></a> <a href="https://mastodon.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload