
> Yeah, that is why you should not generate it on a YubiKey

No. You should ALWAYS generate on the YubiKey. That's the whole point.

Your backup is one (or more) other keys.



A lot of absolutes are being thrown around in the comments here, unfortunately. It really depends on your scenario.

Generating keys exclusively in (non-backup-able) secure hardware is great if your scenario readily supports multiple keys per server/domain you're authenticating to.

Creating an airgapped backup and loading that into a "daily driver" YubiKey marked as non-exportable can be perfectly fine if that's not the case and you don't want to notify the world every time you're adding or retiring a YubiKey (for reasons other than key compromise).


Depends on your use case, and you will still have to generate your master key offline even if you want the subkeys generated directly on each YubiKey, which you then sign with the master key.

Pre-generating subkeys on an offline machine, if you want identical subkeys on multiple devices (and exact backups), is only slightly less secure. Sometimes this is exactly what people want.

Ultimately it really depends on your use case.

BTW, please check the parent comments to which I responded.

PS. I think it would be useful for others if you elaborated on your statements (for educational purposes).
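As an added example (not part of this thread), here is the key layout the comment above describes, done with plain gpg: a certify-only master generated in an "offline" keyring, three subkeys added under it, and only the public key plus secret subkeys handed to a "daily" keyring, where the master then shows up as a stub. Two temporary GNUPGHOME directories stand in for the offline machine and the daily machine (no YubiKey is involved; the `keytocard` step is out of scope), and the user ID and paths are made up.

```shell
#!/bin/sh
# Added example, not from the thread: offline certify-only master, subkeys under it,
# secret subkeys only on the "daily" side. UID/paths are constructed; needs gpg 2.2+.
set -eu

# Unattended gpg against a given GNUPGHOME ($1); empty passphrase on a throwaway key.
g() { home=$1; shift; GNUPGHOME=$home gpg --batch --quiet --pinentry-mode loopback --passphrase '' "$@"; }

# Create the offline keyring: certify-only ed25519 master plus sign/encrypt/auth
# subkeys (the step the thread does on the YubiKey). Prints the master fingerprint.
make_offline_ring() {
    g "$1" --quick-generate-key "Offline Master <master@example.invalid>" ed25519 cert never
    fpr=$(g "$1" --with-colons --list-secret-keys | awk -F: '$1=="fpr"{print $10; exit}')
    for spec in "ed25519 sign" "cv25519 encr" "ed25519 auth"; do
        # $spec is intentionally unquoted: it carries two words (algorithm and usage)
        g "$1" --quick-add-key "$fpr" $spec 1y
    done
    echo "$fpr"
}

# What the daily machine receives: the public key and the secret *subkeys* only.
export_for_daily() {  # $1 = offline home, $2 = fpr, $3 = output dir
    g "$1" --armor --export "$2" > "$3/pub.asc"
    g "$1" --armor --export-secret-subkeys "$2" > "$3/subkeys.asc"
}

# Import into the daily keyring and print field 15 of the "sec" record:
# "#" means the master secret is only a stub there (it never left the offline ring).
master_secret_state() {  # $1 = daily home, $2 = dir holding the exports
    g "$1" --import "$2/pub.asc" "$2/subkeys.asc"
    g "$1" --with-colons --list-secret-keys | awk -F: '$1=="sec"{print $15; exit}'
}

# Count subkeys whose secret material is actually usable in a keyring (not stubs).
count_usable_subkeys() {  # $1 = home
    g "$1" --with-colons --list-secret-keys | awk -F: '$1=="ssb" && $15!="#"{n++} END{print n+0}'
}

# Run the whole flow; prints "<master state> <usable subkeys on daily>", e.g. "# 3".
run_demo() {
    work=$(mktemp -d); mkdir -m 700 "$work/offline" "$work/daily"
    fpr=$(make_offline_ring "$work/offline")
    export_for_daily "$work/offline" "$fpr" "$work"
    state=$(master_secret_state "$work/daily" "$work")
    subs=$(count_usable_subkeys "$work/daily")
    for h in offline daily; do GNUPGHOME=$work/$h gpgconf --kill gpg-agent 2>/dev/null || true; done
    echo "$state $subs"
}
```

Running `run_demo` prints `# 3`: the daily ring can sign, decrypt and authenticate with all three subkeys, but holds no master secret, so it cannot certify new subkeys or UIDs, which is exactly why the master (or a second token) is the thing you must keep a backup of.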



