On Thu, Mar 23, 2023 at 09:51:17AM -0400, Greg Troxel wrote:
> It looks like the Yubikey 5 might fit the bill.
I am totally happy with my Yubikey and its usage in NetBSD and Firefox
(but I use 10_BETA and -current, though that probably only makes a difference
for the ssh usage).
I am regularily using WebAuthN with firefox for various sites and it
works perfectly.
I am also using it for Github (to log into the webpage) but also for
ecdsa-sk ssh keys (ssh agent pops up and asks me to insert and tap the
key whenever that ssh key is used for the first time).
For TOTP there are various python and ruby based solutions
in pkgsrc/security (and its trivial).
I use a few homgrown scripts (few lines) around pyotp, like:
print(pyotp.TOTP('MYSECRET').now())
where MYSECRET was the code the web page gave me when registering.
Martin
