Date: 2013-06-09
What other keys are people actively using?
I'm interested in something with equivalent features to the Yubikey 4 (NFC not required, U2F mandatory).
Open source (-ish?) Yubikey alternatives
https://sc4.us/hsm/ $75 | https://news.ycombinator.com/item?id=12053181
https://trezor.io/ $99 | https://news.ycombinator.com/item?id=10795087 (not much on HN)
https://www.floss-shop.de/en/security-privacy/smartcards/13/... €16.40 (OpenPGP Smart Card v2.1; 4096-bit keys)
https://www.fidesmo.com/fidesmo/about/privacy-card/ €15 (NFC only; recommended by the terminated SIGILANCE OpenPGP Smart Card project; 2048-bit keys)
(I've tried scouting around, but not found anything clear yet. Someone's done native support in ssh, but the patch set is hung up on licensing issues and technical quibbles[1], and some of the PAM-based setups seem to require cut-and-paste of crypto strings on every login.)
[1] https://bugzilla.mindrot.org/show_bug.cgi?id=2319
http://www.bootc.net/archives/2013/06/09/my-perfect-gnupg-ss...
Coupled with a standard yubikey+gpg agent setup
Maybe look at my dotfiles if you are stuck:
- https://github.com/aviau/dotfiles
It is for the same reason that services like Google Mail won't let you set up a U2F token without a backup factor.
Hopefully they don't both break at the same time.
It is also hackable: https://doc.satoshilabs.com/trezor-tech/resources.html
The downside of this and the Trezor is that you need a cable to connect it to a device.
The device uses strong encryption (where legal), and goes beyond U2F to include password management, certificate storage, OTP/Google Auth, and plausible deniability. The hardware is teensy-based, and the firmware is open source. The devs have released fairly regular updates, and even encourage hacking on it to meet custom needs.
More info at their site: https://crp.to/
https://crp.to/p/
I am interested to find out more info on the tamper-resistance of the hardware.
- Lets me store certificates and PGP keys
- Has two factor authentication (U2F)
- Has open hard and software (source-available)
Basically, a USB pen drive that allows U2F, and can be made read only (either by a switch or only writable over a special interface). I don't really need tamper-resistance, pre-generated keys, smart cards or any other advanced features.
At least that was my experience. If somebody can correct me, I'd be incredibly grateful.
Please take a look at https://github.com/romanz/trezor-agent/blob/master/README-GP... for more details.
Disclosure: I am the main developer of this project.
You can have it emulate USB HID, so presumably U2F would be workable, and it'll do USB Mass Storage too.
Open hardware and software.
An FST-01 is a somewhat better choice, but Gnuk doesn't implement U2F. If someone has enough time and knowledge I don't see why it won't be possible to add it, though.
But are you sure it'll DFU over USB?
If so, for avoiding DFU, could you use some simple hardware to disable the data lines on the OTG port until the Pi had finished booting?
Could one use an i2c or spi based crypto chip for key storage?
Don't have Pi at hand to test for sure, but searching online can't find mentions of USB DFU. I think I may be mistaken.
1) Ordered 2, received 1. Thankfully, support quickly sent the second one once I wrote to them.
2) Now they only work when I plug something else into another port on my Mac (no such problem with Yubikey). No reply since April 29: https://support.nitrokey.com/t/nitrokey-u2f-issues-in-macos-...
Edit: I now noticed they have a different U2F version — the previous one was a card that you fold to make it into a USB dongle.
1) We are changing our warehouse process, adding a technical QA step, so that such mistakes won't happen anymore. Sorry for the trouble.
2) As you noticed, the former U2F is going to be replaced by a new FIDO U2F device which contains a full USB plug for better reliability, is more durable and has a touch button.
- Doesn't support U2F (yet)
- Supports only one password manager [1]
- Recommends using their own password manager (That has a limit of 16 passwords)
[1] https://www.nitrokey.com/documentation/applications#a:passwo...
Note the NitroKey start is a gnuk implementation and is fully open source. The tamper-resistant models are using the BasicCard with Zeitcontrol software.
The alternative to Yubikey that I am aware of is NitroKey, but can't say I am aware of how they match up, feature for feature.
It's fully open-source, but the only standard application currently supported is U2F.
Disclosure: this is my product.
I've been toying with the idea of building an open source replacement and fabbing it with a shuttle service but ultimately the cost is really too high to justify.
I've had 2 Yubikeys replaced at their cost after published security exploits highlighted shortcomings. Also haven't had one fail on me yet. Would be curious to learn what your experience was.
I'm all for a DIY solution, but considering how much of a pickle I'd be in if all of my 2FA tokens were inaccessible, wouldn't the average person want some kind of case or shielding around the exposed board?
Give me an enclosure like Samsung's metal flash drives[0], and then I'd be sold.
[0] https://www.amazon.com/Samsung-METAL-Flash-MUF-32BA-AM/dp/B0...
[0] https://github.com/conorpp/u2f-zero/
The problem currently is a) most sites want passwords b) I do not want to mess with cables c) NFC is not ubiquitous.
https://www.crowdsupply.com/inverse-path/usb-armory
The following example security application ideas illustrate the flexibility of the USB Armory concept:
- mass storage device with advanced features such as automatic encryption, virus scanning, host authentication and data self-destruct
- OpenSSH client and agent for untrusted hosts (e.g. Internet kiosks)
- router for end-to-end VPN tunnelling
- Tor bridge [see this, for example]
- password manager with integrated web server
- electronic wallet [the Electrum Bitcoin wallet works out of the box on the USB Armory. It has been tested with X11 forwarding from Linux as well as Windows hosts.]
- authentication token
- portable penetration testing platform
- low level USB security testing
Can't vouch for it (either product or support), but it exists.
https://www.nitrokey.com
AFAIK they are used at Mozilla. The Firmware is Open Source. Downside is that not all their dongles support U2F.
The only dongle to support U2F is currently only available for pre-order, with ETA in autumn 2017.
That said, I have looked for alternatives and found none.
I am most disappointed in the mediocre coverage of their RDP drivers. I need to use all the features over RDP. Some work and some don't.
* Do not allow smart card redirection Group Policy object
It could be a valid business decision (i.e. uneven browser support will confuse our users and increase costs) but I think they are just using that as a delay tactic.
The gotchas I've encountered while using them on OSX:
- The pins for PIV and OpenPGP are separate as these are separate modules on the card.
- You can't use the PIV or NEO GUI managers and gpg at the same time. You might have to unplug and plug the token back in when switching back and forth between GUI/cmdline Yubico tools and gpg.
- Forgetting to change my environment to use gpg-agent instead of ssh-agent.
- Typing in my local password instead of the PIV pin when logging into OSX while I have a token with PIV enabled plugged in.
For people asking about backing up material on OpenPGP modules: these are write only. Generate your material locally with gpg instead of generating it on the smart card itself and use the keytocard command to copy the keys to the card. You can back up your keyring prior to moving keys and restore it before copying keys to each card, or ctrl c out of gpg without saving the keyring references for the material that was moved to the smart card.
I used bits and pieces from a few guides to get the setup I wanted as this was my first experience with smart cards and advanced use of pgp:
https://www.esev.com/blog/post/2015-01-pgp-ssh-key-on-yubike...
https://rnorth.org/gpg-and-ssh-with-yubikey-for-mac
http://suva.sh/posts/gpg-ssh-smartcard-yubikey-keybase/
https://www.jfry.me/articles/2015/gpg-smartcard/
https://spin.atomicobject.com/2013/11/24/secure-gpg-keys-gui...
https://alexcabal.com/creating-the-perfect-gpg-keypair/
Overview of my process (on an air gapped machine):
- Configure gpg.conf.
- Generate master, subkey, and revocation material on an encrypted USB drive for offline backup of material along with revocation certificates.
- Back up original .gnupg directory to another folder on the encrypted USB drive.
- Copy .gnupg directory to second encrypted USB drive for offsite backup.
- For each smart card I wanted the same material on:
-- Change default user and admin pins.
-- keytocard subkeys for (S)ign, (E)ncrypt, (A)uthenticate (without saving keyring).
-- Require local touch for all material (Yubico specific: https://developers.yubico.com/PGP/Card_edit.html).
-- Move on to next card.
-- Save keyring after running keytocard on the last card so the subkey material no longer exists in the local keyring, only references to it (this might not be necessary, I need to test).
- Generate a copy of the keyring without master key to use on daily machine(s). Might also only need to have the master material minus the key in the keyring as noted above. I haven't tested how
- Copy new keyring to another USB drive for transferring to daily machine(s).
- Configure gpg-agent.conf and gpg.conf on daily machine.
https://developers.yubico.com/ykneo-openpgp/ResetApplet.html
https://www.yubico.com/support/knowledge-base/categories/art...
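Added example, not part of the comment above: one way to check that a daily-machine keyring ended up the way that process intends (primary key absent, every subkey held on a card) is to read the token field of `gpg --list-secret-keys --with-colons`. The function names, key IDs and card serial below are constructed for illustration; treating an empty token field as "stored locally" is an assumption.

```shell
#!/bin/sh
# Added example. Classifies sec/ssb records of
#   gpg --list-secret-keys --with-colons
# Colon fields used: 1 record type, 5 key ID, 12 capabilities, 15 token field:
#   '#'   stub only, the secret part is not in this keyring
#   '+'   secret part stored locally (empty is treated the same: assumption)
#   else  serial number of the smart card holding the key

classify_keys() {
    awk -F: '
        $1 == "sec" || $1 == "ssb" {
            if ($15 == "#")                    where = "stub"
            else if ($15 == "+" || $15 == "")  where = "local"
            else                               where = "card:" $15
            print $1, $5, $12, where
        }'
}

# Exit status 0 only if the listing on stdin has a primary key that is a
# stub and no subkey whose secret part lives anywhere but on a card.
daily_keyring_ok() {
    classify_keys | awk '
        $1 == "sec" { seen = 1; if ($NF != "stub") bad = 1 }
        $1 == "ssb" && $NF !~ /^card:/ { bad = 1 }
        END { if (bad || !seen) exit 1 }'
}

# Constructed listings (not real keys). CARD is a made-up card serial.
CARD=D2760001240102010006000000010000
SAMPLE_DAILY="sec:u:4096:1:1111111111111111:1500000000:::u:::scESC:::#:::23::0:
uid:u::::1500000000::0000::Example User <user@example.invalid>::::::::::0:
ssb:u:2048:1:2222222222222222:1500000000::::::s:::${CARD}::
ssb:u:2048:1:3333333333333333:1500000000::::::e:::${CARD}::
ssb:u:2048:1:4444444444444444:1500000000::::::a:::${CARD}::"
# Same key, but the primary key and the encryption subkey are still on disk.
SAMPLE_LEAKY="sec:u:4096:1:1111111111111111:1500000000:::u:::scESC:::+:::23::0:
ssb:u:2048:1:2222222222222222:1500000000::::::s:::${CARD}::
ssb:u:2048:1:3333333333333333:1500000000::::::e:::+::
ssb:u:2048:1:4444444444444444:1500000000::::::a:::${CARD}::"

printf '%s\n' "$SAMPLE_DAILY" | classify_keys
```

On a real machine, pipe the live listing in: `gpg --list-secret-keys --with-colons | daily_keyring_ok`.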
Not to dismiss YubiKey, but companies that can afford 2 factor and take security seriously have already had SecurID for a long time.
That "gold standard" required reissuing 40 million devices in 2011 due to a single server breach. Lockheed-Martin was apparently really, really happy about it, too.
If that's your desired level of security, just use any TOTP authenticator app on your smartphone.
A lot of mail going to the post office. That's one of the good things about these hardware tokens, you can decommission and replace them easily.
What's expensive is to redo all your applications and systems to have 2 factor authentication.
The problem with many affordable TOTP tokens is clock drift. Are RSA's tokens better with that?
