Filippo Valsorda
Filippo Valsorda
Hmm, you can't issue a Version command or anything like that? I am really reticent to add flags, but first-25519-then-256 does seem too aggressive. If you could find a way...
Congrats on the launch of the Solo V2! I've been thinking about this a bit, and even if it's experimental it's in real hardware, and it's not going away from...
This will be resolved by #95
Hmm, I see the issue. yubikey-agent is kind of designed with the idea of being used with a global graphical pinentry. I would like the complexity of dealing with TTYs...
I think we can do better, we can update piv-go so that ykman uses the stored key itself.
Actually, I looked again at #57 and I like the approach of having a separate command better, so let's call this `yubikey-agent-keygen`, with the same semantics.
> I've opened a PR to add yubikey-agent to nixpkgs: [NixOS/nixpkgs#92936](https://github.com/NixOS/nixpkgs/pull/92936) Wonderful! Once it's merged, feel free to send a PR to add installation instructions to the README!
The attestation certificate is necessary to extract the PIN policy of the slot. If there is a way to obtain it for imported keys, you should open an issue or...
I've considered this feature a few times, but it seems like configuring the agent on a per-host basis would work for those use cases. https://github.com/FiloSottile/yubikey-agent#coexisting-with-other-ssh-agents Does this work for you?
It depends on whether it's necessary to handle use cases not covered by the IdentityAgent solution. Can you help me understand if and why IdentityAgent wouldn't work for you?