Open con-f-use opened 6 months ago
The current Bio series can't be supported, correct. The FIDO and FIDO2 protocols do not expose enough to support encryption.
I do see that there is a YubiKey Bio Series Multi-protocol Edition listed as "coming soon", and that should work as-is. The only question will be if the PIN and touch policies are more customizable given the biometric authentication; that might require some tweaking here to support properly.
From my experience with the regular bio, the fingerprint just replaces the regular touch, pin works the same on both serieses and is required in the same situations (which, together with the lack of PIV and NFC, imo makes the bio series way inferior, but that is another topic).
It seems that non-PIV enabled yubikeys like the Bio Series cannot be used with the age-plugin, correct? Is that fundamentally impossible? If not, I'd like to request support.