What do you prefer and why ? And which one can I easily use for disk or file system or file encryption on Linux or BSD ?
I’m not sure I’d want to use a hardware key for file encryption. They can get lost, and that would mean losing all of your data. I personally only use my key for U2F, as a second factor, with TOTP backup codes in case I lose my key.
Encryption systems like LUKS can be configured to take more than one key. You can actually use a USB key with a file on it, and fall back to a pass phrase input prompt if the stick is absent.
Thanks. Fair enough, but as long as I keep making backups I see no problem with this though. One reason I am asking is because I would love to use my Raspberry pi devices more often as desktop machines and with encryption for the user data without having to type in really long passphrases with each boot.
Is an hardware key really useful ? Or is it more like a good “gadget” ?
I have a u2f key and I find it useful.
The only comment I needed. Omw to buy one :D
:) Some time ago u2f users had to enable a setting in about:config of Firefox for it to work, but in my recent experience this looks like this is no longer needed. This wiki page mentions a few useful test sites https://wiki.mozilla.org/Security/Web_Authentication and this page explains very well more about udev for Linux users with such keys : https://docs.solokeys.io/udev/
To be exact I bought the SoloKey from the DiceKey crowfunding campaign because was claimed to be Libre Hardware and Libre Software.
Edit: I only use it for authentication in my online accounts as a additional second factor to avoid using OTP sometimes.