←back to thread

Sign arbitrary data with your SSH keys

(www.agwa.name)
637 points h1x | 4 comments | 13 Nov 21 09:13 UTC | HN request time: 0.347s | source
Show context
laurent92 ◴[13 Nov 21 09:36 UTC] No.29208611[source]
He’s right, SSH is widespread and easy enough to understand for, at least, programmers. It makes for an excellent tool for signatures. Public keys are easy to upload everywhere. And you pass much less as a nerd as when using PGP.
replies(1): >>29208656 #
mherrmann ◴[13 Nov 21 09:43 UTC] No.29208656[source]
I actually always feel kinda cool when using PGP.
replies(1): >>29208704 #
blitzar ◴[13 Nov 21 09:56 UTC] No.29208704[source]
Nerd.
replies(1): >>29208731 #
1. rwky ◴[13 Nov 21 10:03 UTC] No.29208731[source]
I have my gpg key stored in my yubi keys and use those for SSH so does that make me a super nerd?
replies(3): >>29208813 #>>29208997 #>>29209271 #
2. Ciantic ◴[13 Nov 21 10:22 UTC] No.29208813[source]
Probably, I did that too, but I wish I could switch to FiloSottile's age. However age still says in the docs:

> SSH keys held on YubiKeys can't be used to decrypt files.

So I'm stuck with gpg. I don't want to store my private keys as a file on a computer just to decrypt stuff.

3. errcorrectcode ◴[13 Nov 21 11:11 UTC] No.29208997[source]
Only if you use monkeysphere and fwknop.
4. visualphoenix ◴[13 Nov 21 12:22 UTC] No.29209271[source]
Same. Imho it’s the best solution we have right now.