> On Dec 29, 2025, at 11:57, David Arroyo <[email protected]> wrote:
>
> On Sun, Dec 14, 2025, at 07:43, sirjofri wrote:
>> More ideally, but also offtopic, I's like to have a factotum usb drive,
>> where the secrets never leave the usb device. It would talk 9p directly
>> over the serial bus.
>
> I think this is a great idea; an HSM-like device with an interface that
> doesn't suck. After some discussion about this idea on IRC, I want to
> try and implement it. I purchased the "security" variant of this family
> of microcontrollers:
This sounds like a great idea. But personally I would like to have a portable
solution: something that works on all OSes. I currently use a yubikey to store
an ED25519 private key that I can use for ssh (thus also git) and gpg (thus
also “pass”, which uses gpg to store passwords) on every OS except 9. And it
does the FIDO stuff too. So I wish yubikeys could be supported with factotum
somehow too. I’m not quite sure what that would entail in practice; but it is
a device that stores secrets that they promise can't be extracted from it.
Bitcoin wallet devices can be used this way too, but they tend to be bulkier
and less robust.
------------------------------------------
9fans: 9fans
Permalink:
https://9fans.topicbox.com/groups/9fans/T969c381dcd9c760d-Mc83861eb161a4e98c3fbb515
Delivery options: https://9fans.topicbox.com/groups/9fans/subscription
