PIV security key support #25
Comments
|
While the SDK does support PIV, Termbot currently only supports OpenPGP. I haven't figured out a good user interface to decide between PIV and OpenPGP... |
dschuermann
added
enhancement
|
Idea: when adding the HSM, Termbot checks if OpenGPG and/or PIV keys are available. If more than one key is found, the user can chose the key he wants to add to this SSH key profile. The key selection screen shows some general information like key name and location, i.e. OpenGPG/PIV. |
|
Sorry to bother but is there any news on this? It would be super useful to be able to access the keys stored in the PIV interface |
|
Just want to show additional interest in this request. It would be really great to have PIV support. |
|
Having PIV would be great. PIV is much simpler than OpenPGP... |
dschuermann
changed the title
|
IsoApplet is simpler than either of them, basically all you need for SSH auth without cruft. |
|
But it doesn't work with yubikey, does it? |
|
I started to add PIV support, https://github.com/gaspardle/termbot/tree/termbot-piv. Currently only tested with a Yubikey and an RSA certificate.
|
Bug description
According to the readme the Yubikey is supported with PIV keys for SSH login: https://hwsecurity.dev/docs/supported-hardware/
When using TermBot only the OpenGPG key is used, tough.
Steps to reproduce
Expected behavior
When adding a Yubikey or other supported hardware device with PIV support by the SDK a dialogue should offer the user a choice which key system is to be used.
Screenshots
N/A
Android device
Server information
Additional context
Thanks a lot that finally someone cared for a solution to login with Yubikeys with smart phones! I waited for years and would gladly pay for being able to use the PIV keys with a ssh client.
The text was updated successfully, but these errors were encountered: