The problem I have with security tokens is the same as their strength: it cannot be done remotely. That means that no work can be done remotely, which seems to be bad.
what do you mean no work can be done remotely? it totally can. use gpg-agent to provide your ssh key. you can forward your gpg-agent on and use it to sign commits etc on remote machines.
While adding the requirement of having to physically insert or touch a device to a username and password may seem simple, it is something one can not do remotely.
The problem I have with security tokens is the same as their strength: it cannot be done remotely. That means that no work can be done remotely, which seems to be bad.
what do you mean no work can be done remotely? it totally can. use gpg-agent to provide your ssh key. you can forward your gpg-agent on and use it to sign commits etc on remote machines.
This makes it a highly effective and simple way to greatly limit damage and data theft from remote attackers.
At the same time, though, how do we know that someone is a remote attacker vs. a legitimate user attempting to log in remotely?
when they have the right credentials?
but an attacker can get the credentials. Isn’t that why we’re using security tokens?
the credentials don’t leave your yubikey
but why is that advantageous? what if you lose the yubikey?
if your private key is on disk or even in ram, it’s relatively easy to grab it.
keep a backup on a usb key in a safe somewhere. i broke one and recovered it.
The same thing that happens to everyone who goes through life without making any backups, sorrow and lots of heartache when trouble hits.
This is kinda within the sphere of the problems I’ve been working on the security space: manifesto