50

I see Google and Apple really embracing passkeys lately and I’m trying to understand the hype, but it can be challenging. I also see that Bitwarden and 1Password are embracing them too. As far as I can tell, passkeys are just key pairs that behave like FIDO2 tokens (e.g. my yubikey) but are backed up to some cloud and usable from multiple synchronized trusted devices. Is this accurate? How would I go about implementing a self-hosted Linux equivalent? Use it with pam? Is this just a fancy ssh-agent for other protocols? What are you all doing in the eliminating passwords space?

[-] metasyntactic@infosec.pub 9 points 1 year ago

NixOS. I’ve been running Linux since Slackware 1.0, since then have run Debian, LFS, RedHat, CentOS, Gentoo, Arch and Ubuntu. After years of Ubuntu I discovered NixOS and after diving deep into it, have never been happier with a distro. All of my machines and dot files are in a straightforward single language in a git repo. The mutable parts of all my applications are nicely isolated and backed up and I can make changes to my systems fearlessly. It has a very steep learning curve, but it’s amazing.

[-] metasyntactic@infosec.pub 7 points 1 year ago

Doesn’t unofficial Linux support seem likely seem likely? Though I’ve heard it only works well with AMD GPUs on Linux, is that right?

[-] metasyntactic@infosec.pub 8 points 1 year ago

The control and deterministic nature of it is amazing. I have a git repo for all of my machines entire config. I have no fear that installing something will break or make things that would require blowing away and reinstalling. Also blowing away and reinstalling is no big deal, as is building new boxes. It has a high bar for learning to use it effectively, but the view is worth climbing the mountain.

[-] metasyntactic@infosec.pub 5 points 1 year ago

Ketchup! It’s also a vegetable.

metasyntactic

joined 1 year ago