101010.pl is one of the many independent Mastodon servers you can use to participate in the fediverse.
101010.pl, the oldest Polish Mastodon server. We support posts of up to 2048 characters.

#nitrokey


I ordered a #YubiKey for myself. I was originally going to get a #NitroKey as I much prefer their open source approach. Always support your local KMUs! (small businesses)

However, I really want to be able to unlock my #KeePass database on both #Linux and #Android with it.
The NitroKey 3 supports the proprietary YubiKey challenge-response protocol, but neither #KeePassDX + #ykDroid nor #KeePass2Android work with NitroKeys. (#KeePassXC on desktop does, though!)

What a mess this is…

Finally did activate the NXP SE050 Secure Element in my Nitrokey 3 and generated new on-device keys, by using the amazing "oct" (openpgp-card-tools).

Almost entirely using the modern rust-based openpgp implementations now:

- oct for card management and file signing
- openpgp-card-ssh-agent for SSH authentication
- rsop-oct for file encryption/decryption and package signing
- oct-git for git signing of my code commits

The only part where I still rely on classic openpgp is my MUA KMail, where alternatives aren't yet supported.

And it's still a pain that modern GPG implementations aren't available as Fedora packages *sigh* but cargo works sufficiently well for now.

#linux #rust #openpgp #nitrokey #crypto #security @hko @fedora @nitrokey

Replied to JayVii

@jayvii
yubi can do most of the things you ask.
here is a good guide:
procustodibus.com/blog/2023/04
and here is another one:
github.com/drduh/YubiKey-Guide

As far as I know #nitrokey needs some extra steps in order to do some small things (wireguard key on the nitro, I don't remember if it works); other than that, as it is open hardware and software, it's the best choice in the market currently.
@lrvick may have an opinion about it.

Pro Custodibus: An Opinionated YubiKey Set-Up Guide. How to set up a YubiKey 5 in 2023.

Does anyone have experience with either #Yubikey, #Nitrokey or any other hardware security token for both #MFA/#2FA as well as #encryption via #PGP/#GPG or #SMIME?

In particular, I am looking at the Nitrokey 3A NFC. As far as I can tell, Yubico only sells #MFA tokens(?), unless the YubiKey 5 FIPS Series can hold encryption keys as well?

Both price and open hardware aspect definitely speak for Nitrokey, but I do not know anyone who owns such a token... Anyone who I can talk to?

shop.nitrokey.com: Nitrokey 3A NFC

Besides the #Nitrokey FIDO2, I also already have a Nitrokey U2F & a Solo Somu from #SoloKeys, so I wasn't too keen on paying 50€ + shipping for a new Nitrokey 3A Mini – a product I wouldn't need if my old key's firmware had been updated.

Instead, I bought a 🇨🇭 Token2 PIN+ Dual R3 whose hardware and firmware are also open-source and which costs only 25€ + shipping: token2.eu/shop/product/pin-dua #T2F2

The only downside is that #Token2 manufacture their products outside Europe (Nitrokeys are made in 🇩🇪).

www.token2.eu: TOKEN2 Sàrl is a Swiss cybersecurity company specialized in the area of multifactor authentication. We are a FIDO Alliance member.

As I need an Ed25519-SK SSH key generated with a hardware token, I tried to use my Nitrokey #FIDO2 for that, but: no.

Years ago, #ed25519 had experimentally been added to the firmware (not released) but later #Nitrokey stated that customers should've donated on top of the selling price to get firmware updates & advised to buy the new product instead.

The latter would be OK if the old key wasn't sold anymore, but it is still sold & the firmware was last updated in 2021.

github.com/Nitrokey/nitrokey-f

GitHub: Support for ed25519-sk · Issue #39 · Nitrokey/nitrokey-fido2-firmware, by dr-br

"fwupdmgr security" on my ThinkPad T14s Gen4 running on Fedora Linux 41.

Full HSI-4 security standard with secure-boot enabled and Linux kernel in lockdown mode.

Hard disk encrypted with LUKS and the key is stored on a hardware security module (#Nitrokey 3 USB Stick) and protected by a PIN number.