Re: xz backdoor
- To: Pierre-Elliott Bécue <peb@debian.org>, Luca Boccassi <bluca@debian.org>
- Cc: debian-devel@lists.debian.org
- Subject: Re: xz backdoor
- From: Ansgar 🙀 <ansgar@43-1.org>
- Date: Mon, 01 Apr 2024 12:40:51 +0200
- Message-id: <[🔎] 0b2f59fc2371cba446f30c53ef6daf0384586378.camel@43-1.org>
- In-reply-to: <87jzliy3vv.fsf@daath.pimeys.fr>
- References: <ZgcgCR8uDPIXVJS_@akarlsso-mac.trudheim.com> <87a5mgkcn4.fsf@hope.eyrie.org> <875xx4k9bv.fsf@hope.eyrie.org> <36567ed4-7246-4466-9122-2934d6e9f18f@debian.org> <Zgg3Gm0aGIdQCMua@bongo.bofh.it> <845606FD-868C-4509-A0B1-5B43228CACF7@riseup.net> <9b21d870fa7b67add8c4f52016012bd3@kvr.at> <ZgjI6eznpC34xsbs@novelo> <ZgkLUpYx8qf9I_Jv@belkar.wrar.name> <20240331072156.lasu37crgaluzmcb@shell.thinkmo.de> <CAMw=ZnSAu1tY+pHWvfGV_0w9zMmtwhezP8TcweS81WLEWPsi-Q@mail.gmail.com> <87jzliy3vv.fsf@daath.pimeys.fr>
Hi,
On Sun, 2024-03-31 at 14:34 +0200, Pierre-Elliott Bécue wrote:
> The PGP submodule of a Yubikey can host 3 keys, one signing, one
> authent, and one encrypt. ISTR accessing the signing key is always
> prompting for the PIN. Same for the encryption key. (I think both can
> be configured otherwise)
I think presence confirmation is more useful, that is, interacting
physically with the device for each signature. The Yubikey can do that
also for OpenPGP:
```
$ ykman openpgp keys set-touch --help
[...]
Touch policies:
Off (default) no touch required
On touch required
Fixed touch required, can't be disabled without deleting the private key
Cached touch required, cached for 15s after use
Cached-Fixed touch required, cached for 15s after use, can't be disabled
without deleting the private key
```
(The PIN can still be cached.)
For OpenSSH it might also be more convenient to use Webauthn, that is,
the keys generated using `ssh-keygen -t ed25519-sk` or `-t ecdsa-sk`.
Ansgar
>
Reply to: