Replies: 2 comments 2 replies
-
This SSH key type uses the FIDO2 protocol to communicate with the hardware token. To my knowledge, the FIDO2 protocol only exposes an authentication API; it does not expose the core primitive scalar multiplication operation that is required to implement the recipient encryption that age requires. So it is likely not possible to ever support these kinds of hardware keys. You can encrypt to an identity stored on a YubiKey, by using the |
Beta Was this translation helpful? Give feedback.
-
Maybe this will help one day: |
Beta Was this translation helpful? Give feedback.
-
I was excited when I learned that age permits the use of SSH keys. I keep my SSH keys on Yubikey 5 hardware devices. Unfortunately, it looks like this key type is not supported in age, which is too bad - being able to use my hardware keys would be such an awesome use case for managing encrypted backups. I am not technically savvy enough to know if supporting the sk-ssh-ed25519 key type would be possible, but I think it would be super useful to those of us with hardware keys if it can be done! Thanks!
Beta Was this translation helpful? Give feedback.
All reactions