Don't tell me you have your keys in user space?
#Nitrokey #riskmanagement #redteam #dfir #opsec
Recent searches
Search options
#nitrokey
2 posts2 participants0 posts today
Meine Datenschutz und Privatsphäre Übersicht 2025, für die Allgemeinheit 
Teilen erbeten 
als PDF:
https://cryptpad.digitalcourage.de/file/#/2/file/NdmBgSYkRCto8B+JmJkE9mQ4/
#DSGVO #TDDDG ( #unplugtrump )
#Datenschutz #Privatsphäre #sicherheit #Verschlüsselung
#encryption #WEtell #SoloKey #NitroKey #Email #Cybersecurity #Pixelfed #Massenűberwachung
#Google #Metadaten #WhatsApp #Threema #Cryptpad #Signal
#Hateaid #Cyberstalking #Messenger #Browser #Youtube #NewPipe #Chatkontrolle #nichtszuverbergen #ÜberwachungsKapitalismus #Microsoft #Apple #Windows #Linux #Matrix #Mastodon #Friendica #Fediverse #Mastodir #Loops #2FA #Ransomware #Foss #VeraCrypt #HateAid #Coreboot #Volksverpetzer #Netzpolitik #Digitalisierung #FragdenStaat #Shiftphone #OpenSource #GrapheneOS #CCC #Mail #Mullvad #PGP #GnuPG #DNS #Gaming #linuxgaming #Lutris #Protondb #eOS #Enshittification
#Bloatware #TPM #Murena #LiberaPay #GnuTaler #Taler #PreppingforFuture
#FediLZ #BlueLZ #InstaLZ #ThreatModel
#FLOSS #UEFI #Medienkompetenz
Continued thread
Besides the #Nitrokey FIDO2, I also already have a Nitrokey U2F & a Solo Somu from #SoloKeys, so I wasn't too keen on paying 50€ + shipping for a new Nitrokey 3A Mini – a product I wouldn't need if my old key's firmware had been updated.
Instead, I bought a 
Token2 PIN+ Dual R3 whose hardware and firmware is also open-source and which costs only 25€ + shipping: https://www.token2.eu/shop/product/pin-dual-release3-fido2-1-key-with-openpgp-and-otp-and-dual-usb-ports #T2F2
The only downside is that #Token2 manufacture their products outside Europe (Nitrokeys are made in 
).
www.token2.euTOKEN2 Sàrl is a Swiss cybersecurity company specialized in the area of multifactor authentication. We are a FIDO Alliance member.FIDO2 USB Key, U2F USB Key, Cheap Yubico alternative, FIDO2, fido alliance certified security keys Replace your mobile authenticator with secure hardware OTP token! Easily programmed via NFC. Designed to use with Google, Facebook, Dropbox, GitHub, Wordpress, Office 365, Azure MFA etc.
As I need an Ed25519-SK SSH key generated with a hardware token, I tried to use my Nitrokey #FIDO2 for that, but: no.
Years ago, #ed25519 had experimentally been added to the firmware (not released) but later #Nitrokey stated that customers should've donated on top of the selling price to get firmware updates & advised to buy the new product instead.
The latter would be OK if the old key wasn't sold anymore, but it is still sold & the firmware was last updated in 2021.
https://github.com/Nitrokey/nitrokey-fido2-firmware/issues/39#issuecomment-1721164809
Wenn Sie einen 
#NitroKey (Hardware Token) verwenden, so können Sie Ihre(n) Server auch mittels 2FA bei der Verwendung von 
SSH schützen. Wie das geht beschreiben wir in diesem Artikel 
Carsten Rieger IT-Services · SSH Zugang mit 2FA - Protected by Nitrokey (3AMini) - Carsten Rieger IT-Services
More from 
Carsten Rieger IT-Services 
Replied in thread
Wird es möglicherweise nicht: Jedes einzelne Passwort verschlüsselt mit gpg, privater Schlüssel existiert nur in einem #Nitrokey. Zur Nutzung des Nitrokey muss dessen Gehäuse berührt werden.
https://chrichri.ween.de/articles/a248ad8/nitrokey-3-usb-c
https://chrichri.ween.de/articles/8664afb/storing-passwords-and-using-a-2nd-factor-for-authentication
Chris Vogel's microblogNitrokey 3 usb-cLooking for an alternative to my #LibremKey...
strobelstefan.deNitrokey 3 - Firmware Update und Nitrokey App 2 getestet - Stefans WeblogEin kurzer Erfahrungsbericht - Update auf die neueste Firmware bei einem Nitrokey 3 durchgeführt und die Nitrokey App 2 gestestet.
Replied in thread
@splitbrain @xfce I'm using a nitrokey 3Amini. Works fone and without trouble...
https://dokuwiki.nausch.org/doku.php/nitrokey:arch:3a#nitrokey_start_und_secure_shell
dokuwiki.nausch.orgNitrokey 3A mini in der Praxis unter ArchLinux [Linux - Wissensdatenbank]
"fwupdmgr security" on my ThinkPad T14s Gen4 running on Fedora Linux 41.
Full HSI-4 security standard with secure-boot enabled and Linux kernel in lockdown mode.
Hard disk encrypted with LUKS and the key is stored on a hardware security module (#Nitrokey 3 USB Stick) and protected by a PIN number.
Replied in thread
#Nitrokey 3 Firmware 1.8 With PIV Windows Login, NIST P-521, Brainpool
https://www.nitrokey.com/news/2025/nitrokey-3-firmware-18-piv-windows-login-nist-p-521-brainpool
Replied to Nitrokey
@nitrokey OK, ich werde es versuchen. Bestellt ist der #Nitrokey schon. Mal schauen, ob ich das für #archlinux umsetzen kann.
@nitrokey
Ich möchte auf meiner #archlinux Maschine, beim booten die #LUKS Crypto der Festplatte mit einem #Nitrokey entsperren. Außerdem die Passworteingabe beim login bei XFCE/lightdm und beim entsperren der Keepass Datenbank ablösen. Ist das möglich?
Schon wäre auch SSH
While 2024 is reaching the finish line, we‘d like to take a moment to thank everyone who is supporting us on our mission to secure the digital life. 
We‘re truly grateful for having such loyal customers. 
We wish you happy holidays! 
May 2025 be the year we all wish for! 
Stay secure! 
With the release of `nethsm-cli` 0.6.0 it is now possible to issue signatures for signing requests! 
https://crates.io/crates/nethsm-cli/0.6.0
Signing requests for files can be created using `signstar-request-signature` (see https://chaos.social/@dvzrv/113646761365294969).
crates.iocrates.io: Rust Package Registry
We have just released the first version of
`signstar-request-signature`, which is another piece of the #Signstar puzzle.
https://crates.io/crates/signstar-request-signature/0.1.0
With this #RustLang #crate a #library and #CLI is provided for creating, reading and writing of signing requests for files.
The implementation has again been done by the awesome @wiktor 
crates.iocrates.io: Rust Package Registry