While not directly applicable to SSH or the ssh-agent protocol (without an extension definition to the protocol that does not yet(?) exist), I really like the properties of Secretive and consider it the best user interface for device-bound, user-friendly and usable hardware keys on macOS.
Would be lovely if the same interface and user experience (fingerprint, notifications, GUI management etc) could also be used for encryption, closest example and possibly first use being something not unlike https://github.com/str4d/age-plugin-yubikey is for removable devices. UPDATE: such thing already exists and is called https://github.com/remko/age-plugin-se
Or maybe expose it via some other interface like PKCS#11 (which does feel annoyingly complex compared to ssh-agent)
0xRake
commented
3 months ago
While not directly applicable to SSH or the ssh-agent protocol (without an extension definition to the protocol that does not yet(?) exist), I really like the properties of Secretive and consider it the best user interface for device-bound, user-friendly and usable hardware keys on macOS.
Would be lovely if the same interface and user experience (fingerprint, notifications, GUI management etc) could also be used for encryption, closest example and possibly first use being something not unlike https://github.com/str4d/age-plugin-yubikey is for removable devices. UPDATE: such thing already exists and is called https://github.com/remko/age-plugin-se
Or maybe expose it via some other interface like PKCS#11 (which does feel annoyingly complex compared to ssh-agent)