Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Certainly, but if both server and client supports it (Ubuntu has shipped with it by default for a few versions now), it's much, much easier to use it instead.


Not everything is a server. And not everything that even is a server can be upgraded.

"Normal" SSH keys will work for (pretty much) all systems that support SSH. And the ones that don't will certainly never support U2F.


> "Normal" SSH keys will work for (pretty much) all systems that support SSH.

And even that is not true in all cases. I still regularly encounter devices that only support 2048 bit RSA and nothing beyond that. /glances in ubiquis direction.


Yeah, I glossed over several details here.

Since I use Yubikeys in PIV mode with PKCS#11, it works just fine to use its 2048bit RSA.

If the option is 2048bit RSA, passwords, or software keys, then I know what I prefer.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: