Re: wanted: educate us please on key dongles
On 08/29/2017 07:34 PM, Marc Haber wrote:
> On Fri, Aug 11, 2017 at 01:41:39PM +0100, Jonathan McDowell wrote:
>> * Yubikey. I'm not sure about this; it's entirely closed these days
>> I believe. However they're easily available and I understand
>> they're pretty robust in terms of living on a keyring all the
> I am using these devices for ssh login via the PIV suite. It's also
> limited to 2048 bit RSA, but can also do Elliptic Curve stuff. I neither
> have tried the Elliptic Curve cryptography in my Yubikeys and have never
> tried GnuPG (afraid of overwriting my ssh key).
I don't know about SSH, but with GnuPG you can do 4096bit RSA with a
YubiKey 4, the non-free successor to the Neo, which indeed only
supports 2048bit RSA.