search

kryptco / krypton-android

DEPRECATED Krypton turns your Android device into a U2F Authenticator: strong, unphishable 2FA.
https://krypt.co
Other
203 stars 50 forks source link

any plans on supporting multiple ssh keys? #38

Open anantshri opened 7 years ago

kcking commented 7 years ago

Yes, we are working on support for multiple keys, but we'd also like to hear how/why you use multiple keys now.

anantshri commented 7 years ago

looks like i missed commenting here.

Multiple cases

  1. i prefer the threat model where i have one key per server. when i am going to the pain of not keeping the key at my disk i would also prefer keeping seperate key per server or per class of action.
  2. Github or simmilar setup disallow single key for multiple account.

this should be reason enough to work on multi key support.

agrinman commented 7 years ago

Agreed. We're working on this :)

nakedible-p commented 6 years ago

Supporting multiple keys on a single phone would be interesting for us, as the same phone can be used in multiple security contexts. For example, the same phone might be used to access both testing and production servers - testing servers might allow a key to be used without requiring separate authorization for each access, but production servers could require authentication on every usage. Also, as a user, it would be beneficial to clearly see which accesses use a lower-security key and which use a higher-security key.

I would propose the possibility of creating several keys on the phone, with differing security attributes, and assigning colors to each phone. Signing requests for dev servers might be green, but signing requests for production servers would be red. Pairing would need to have an extra step where the key to be used would be selected.