Hacker News new | comments | show | ask | jobs | submit login

Nitrokey[1] is about the same price as Yubico but has open source firmware & hardware. You might also know them as CryptoStick[2].

[1] https://www.nitrokey.com/

[2] https://blog.mozilla.org/security/2013/02/13/using-cryptosti...




That looks very nice, but it's rather more expensive than the Yubikey. The latter has NFC+U2F in a stick costing $50, whereas the former costs $50 for a stick that has neither.


What’s the use case for NFC?


Using PGP on your smartphone without giving it access to your PGP key - https://grepular.com/An_NFC_PGP_SmartCard_For_Android - That's how I use it anyway.


For usage with mobile applications, where NFC is typically available but USB Host is not, I would imagine.


On Android, you typically have USB host (at least on any phone that someone interested in this tech would buy). On iOS it's moot since NFC is gimped and can't be used by apps.


Most people don't carry the necessary cable around with them, though. NFC doesn't require any additional hardware.

I use it for generating 2FA codes, Yubico Authenticator works like Google Authenticator except that it requires touching the YubiKey to the phone before it shows the 2FA codes. The codes are computed on the YubiKey: https://github.com/Yubico/yubioath-android/blob/63387c02a39b...


My colleague Guillaume Destuynder wrote that blog post. We still use CryptoSticks at Mozilla, with sops[1] to securely store backup keys of some of our secrets files.

[1] https://github.com/mozilla/sops


This looks really neat. Anyone also use these? Thoughts? I might get myself one.

Edit: Also, does this have gpg-agent / ssh support?


I tried the pro model but went back to the FST-01 as it was too slow for RSA 4096 and doesn't support curve25519 for sign/auth.

But, yes, it does work with gpg-agent with ssh support.


Can confirm what bruo said. I use my Yubikey Neo with gpg-agent with "--enable-ssh-support" enabled for ssh agent support.




Applications are open for YC Winter 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: