skepller@lemmy.world to Programmer Humor@programming.devEnglish · 12 天前GitHub authlemmy.worldimagemessage-square80linkfedilinkarrow-up1735arrow-down116
arrow-up1719arrow-down1imageGitHub authlemmy.worldskepller@lemmy.world to Programmer Humor@programming.devEnglish · 12 天前message-square80linkfedilink
minus-squareEvotech@lemmy.worldlinkfedilinkarrow-up2·11 天前It’s not about encryption/security it’s about creating something that can’t be phished. We know that 2fa is secure. But if an attacker can trick you into giving them the code, or typing it in a fake box. Then they own you. Passkeys are made so that there’s nothing to give, nothing to type. You must control the device.
minus-squareramjambamalam@lemmy.calinkfedilinkEnglisharrow-up4·11 天前SSH keys are more like passkeys than passwords.
minus-squareEvotech@lemmy.worldlinkfedilinkarrow-up1·edit-211 天前I’d love to see the state of online banking if everyone were to manage their own ssh keys In all seriousness, they are similar, but not quite in this context. There’s a good project on how to make ssh key infra more scalable and innately secure. Then you can use passkeys on top if you’d like. https://github.com/openpubkey/openpubkey https://github.com/openpubkey/opkssh I personally use this on all my servers.
minus-squareramjambamalam@lemmy.calinkfedilinkEnglisharrow-up1·10 天前 I’d love to see the state of online banking if everyone were to manage their own ssh keys Most people couldn’t figure out how to download a binary release from a GitHub repo, much less clone it, regardless of HTTP or SSH.
It’s not about encryption/security it’s about creating something that can’t be phished.
We know that 2fa is secure. But if an attacker can trick you into giving them the code, or typing it in a fake box. Then they own you.
Passkeys are made so that there’s nothing to give, nothing to type. You must control the device.
SSH keys are more like passkeys than passwords.
I’d love to see the state of online banking if everyone were to manage their own ssh keys
In all seriousness, they are similar, but not quite in this context.
There’s a good project on how to make ssh key infra more scalable and innately secure. Then you can use passkeys on top if you’d like.
https://github.com/openpubkey/openpubkey
https://github.com/openpubkey/opkssh
I personally use this on all my servers.
Most people couldn’t figure out how to download a binary release from a GitHub repo, much less clone it, regardless of HTTP or SSH.
True, not the point though