Add documentation on SSH Authentication with FIDO2 #514
Conversation
ABuljko
force-pushed
the
ssh-authentication
branch
2 times, most recently
from
ba4dee0 to
06bd7a2
Compare
ABuljko
force-pushed
the
ssh-authentication
branch
from
06bd7a2 to
8958431
Compare
Updated SSH section to include GitLab and GitHub references, clarified passphrase usage, and improved overall text flow.
|
I think we should give a more specific recommendation regarding non-resident or resident key. @daringer please have a look. |
Clarified the note about file names for generated keys.
|
@daringer please have a look at the CI error. |
otherwise this lgtm |
|
Squashing commits is the default here so no need to extra squash it. Shall we ignore the CI error and merge anyways? |
|
|
||
| .. note:: | ||
|
|
||
| Resident keys can later be listed and imported on another system with: |
There was a problem hiding this comment.
see above comment about reasoning for resident keys
|
|
||
| 2. Open a terminal and create your SSH key. Replace ``"your_comment"`` with a label to identify it (e.g., "Nitrokey GitLab"). | ||
| By default, the key is a non-resident key, meaning a local key handle is stored in ``~/.ssh/`` while the private key remains securely on the Nitrokey. | ||
| Use the ``-O resident`` option if you want the key to be portable across systems. |
There was a problem hiding this comment.
for now I would not mention any reason for or against resident keys - I'd prefer to have a separate page/article in FIDO2 about Resident-Keys/Passkeys. Please just leave a recommendation that people should use resident-keys for ssh.
There was a problem hiding this comment.
ok, let's leave the "recommendations" out and just describe the different options (like -o resident) and the refer to the page/article which describes the resident-key-advantages/disadvantages
3 participants
Documentation on SSH Authentication with FIDO2 for GitLab and GitHub.