Am 2015-07-20 um 01:24 schrieb walt: > Congratulations. Yubikeys don't look trivial to set up. I forgot to > mention that Noah (the guy from the podcast) mentioned that he has two > yubikeys, set up identically, in case he loses one of them. Seems that > losing the only one you have would be like losing your wallet with all > your credit cards inside. A nightmare.
Mostly you set it up for 2-factor authentication: if you lose it the finder/thief/attacker only has one factor, the key, and not the 2nd factor, the passphrase (or master password, when you use it with Lastpass). So in that case you use your second yubikey to log in to the service(s) and remove the id of the lost key from the settings ... and that lost key is never able to be used to unlock your account there. With ssh-keys *on the yubikey it's a bit different, you have to revoke these (sub-)keys then but still your ssh-keyring should be protected by a 2nd factor, your passphrase. btw I have 2 keys at hand already, thanks. I am considering to get some of the tiny nano-keys for my thinkpads.
