GitHub auth
skepller@lemmy.world to Programmer Humor@programming.dev · English · 3 days ago · image (lemmy.world) · 78 comments

Evotech@lemmy.world · 1 day ago
It’s not about encryption/security it’s about creating something that can’t be phished.
We know that 2fa is secure. But if an attacker can trick you into giving them the code, or typing it in a fake box. Then they own you.
Passkeys are made so that there’s nothing to give, nothing to type. You must control the device.

ramjambamalam@lemmy.ca · English · 20 hours ago
SSH keys are more like passkeys than passwords.

Evotech@lemmy.world · 17 hours ago (edited)
I’d love to see the state of online banking if everyone were to manage their own ssh keys
In all seriousness, they are similar, but not quite in this context.
There’s a good project on how to make ssh key infra more scalable and innately secure. Then you can use passkeys on top if you’d like.
https://github.com/openpubkey/openpubkey
https://github.com/openpubkey/opkssh
I personally use this on all my servers.

ramjambamalam@lemmy.ca · English · 8 hours ago
> I’d love to see the state of online banking if everyone were to manage their own ssh keys

Most people couldn’t figure out how to download a binary release from a GitHub repo, much less clone it, regardless of HTTP or SSH.

True, not the point though