oct-git focuses exclusively on ergonomic use with OpenPGP card-based signing keys
It is designed to be easy to set up, standalone (no long running processes), and entirely hands-off to use (no repeated PIN entry required, by default). It comes with desktop notifications for touch confirmation (if required)
Ich überlege gerade ernsthaft, für meine 3 #GPG-Keys (potentiell mehr) ein #HSM2 von #NitroKey zu besorgen... wie gut ist das unter GnuPG nutzbar? Wie sind Eure Erfahrungen?
Laptop died yesterday but thanks to the #Librem5, the Baseus Dock, an HDMI Screen, a USB keyboard and #Phosh's docked mode I have access to most of the things via my phone.
#nitrokey helps a lot as that means I have my ssh keys available by just plugging it in.
Took me about 15min to notice that I didn't even plug a mouse in.
I moved to a Thinkpad w541 with coreboot so I needed to set up my email encryption on Thunderbird again.
It took me more time to reconfigure it again - as usual - so I decided to take notes this time and create a blog post about it. As this might be useful for somebody else … or me in the future :-)
@adamsdesk For the fsf europe fellowship card I don't know. I got my card 8 year ago from floss-shop.de. (I live in Europe/Belgium BTW ) You can check with them if they ship to Canada.
But the setup should work with any GPG compatible smartcard. I'm also looking at #nitrokey Not sure if nitrokey is available on your side of the ocean 🙂
This release should fix build issues (the previous version didn't build on mac).
However, we're still exploring how secret storage works on non-Linux platforms. Expect a bumpy ride if you try it.
(If you do delve into debugging on mac or windows, we'd love to hear from you!)
❤️ Happy Valentine's Day from your Nitrokey team! We even have a present for you! ❤️
📣 Nitrokey is giving you the privacy screen protetor and the protective case for your NitroPhone 3a in our Valentine's Bundle! Let us give you a present and start your safe smartphone use without any worries. 😍
Sobald Passkeys offiziell für KeePassXC (Desktop) und/oder KeePassDX (Android) verfügbar ist - nicht als Beta, sondern als Stable - wird es einen Beitrag dazu geben. 🔒
In light of the news that Authy is discontinuing their desktop app in August of 2024, we want to let everyone know that Tuta supports all major authenticator apps & U2F keys. 🔐
No need to worry about compatibility when making the jump to a new authenticator app.🤹
@tedzanzibar I would actually urge you to disable to auto update for the #bitwarden extension. Looks like @bitwarden implemented #passkey support in a way that makes it unable to login using hardware tokens like the #yubikey or #nitrokey . If you already use those as passkeys, updating the extension will effectively lock you out of services where you need a passkey to login. Tested on #chromium, but I assume #firefox will behave the same.
Eventuell habe ich die Verwendung von #YubiKey oder #NitroKey missverstanden. Aber unter #Linux ist das nicht für die alltägliche Benutzung geeignet.
Meine Vorstellung an diese Key's: Login mittels MFA, damit ich diese #MFA Codes nicht mehr eingeben muss sowohl am #Smartphone und #Comupter - einfach an tippen und fertig, dachte ich. Die Realität sieht anders aus.
Welches Thema interessiert euch im Bereich #Sicherheit und #Datenschutz besonders? Gibt es einen Wunsch für ein Tutorial? Dann nutzt die Gelegenheit und macht Vorschläge. Diese bespreche ich dann mit @rufposten und wir schauen, ob und welche Themen wir näher beleuchten. 🔎
Furthermore: why FIDO2 does have some advantages compared to passkeys when #security is more important than convenience. Passkeys leaks your private key to the #cloud provider.
They're reselling white-label hardware keys and selling modded ThinkPads and Pixel phones at a significant markup-- the NitroKey 3 Pro is just a Pixel 7 Pro with a custom ROM and an almost $600 markup.
I'd bet the certificates in their keys, just like my Thetis key (see attached & alt text), will tell you the original manufacturer of those keys.