I do use a Yubikey too. Le 6/14/21 à 11:27 PM, Tim Peters a écrit : > If I buy one and plug it in, and that's the end of it, fine by me
That's almost as simple as you want: - In Github settings 2FA tab you'll have to hit a "Register a new security key" button, it make your key "blink" (blinking mean: please touch the key to allow this action). - Then every time you login your key blinks and you have to touch it to allow this action. And that's it. It uses an open standard called U2F [1] which works on a variety of setups (it works with Firefox on Debian for example). It also works on pypi.org \o/. If the PSF is willing to help financially, I'd recommend everyone to buy (and register) two keys: a primary key and a backup key in case you loose or break the first one. I personally have a USB-C key and a USB-A key, so I can choose my key according to the USB port I need to use. Then optionally you can setup a PIV application on the key to store your private ssh key, and use PKCS11 to forward ssh connexions challenges to be resolved by the key. The big advantage is: your private key never leave the key (which is write-only). It's way more complicated than U2F though! [1]: https://en.wikipedia.org/wiki/Universal_2nd_Factor -- [Julien Palard](https://mdk.fr) _______________________________________________ python-committers mailing list -- python-committers@python.org To unsubscribe send an email to python-committers-le...@python.org https://mail.python.org/mailman3/lists/python-committers.python.org/ Message archived at https://mail.python.org/archives/list/python-committers@python.org/message/HZPN57WF77CRUZAVSJQ7XP32V6I2VBE6/ Code of Conduct: https://www.python.org/psf/codeofconduct/
