On Sun, 31 Mar 2024 at 08:39, Bastian Blank <wa...@debian.org> wrote:
>
> On Sun, Mar 31, 2024 at 12:05:54PM +0500, Andrey Rakhmatullin wrote:
> > On Sat, Mar 30, 2024 at 11:22:33PM -0300, Santiago Ruano Rincón wrote:
> > > As others have said, the best solution is to rely on HSW for handling
> > > the cryptographic material.
> > Aren't these answers to different questions?
> > Not all attacks are about stealing the key or using it to sign unintended
> > things.
>
> Also, an HSM only allows controlling access to the cryptographic
> material.  But it asserts no control over what is actually signed.
>
> So an attacker needs to wait until you ask the HSM it is okay to sign
> something.
>
> Bastian

This is true as in the default configuration you get asked for the
YubiKey PIN only once per "session", and then it's cached
transparently and there's no GUI feedback when the token is used (the
light on it blinks, but noticing that requires having it in line of
sight at all times). However, it's already better than nothing as it
means such an attack must be "online", and run in the same "session"
as the active user, so perfect should definitely not be the enemy of
good here IMHO. Also, iirc this can be configured to always ask for
the PIN on each signature, although this could get burdensome. But
given the very low price of YubiKeys (or similar tokens), and how well
and seamlessly they work these days, I think the offer of buying any DD
that doesn't have one such a token is one that we should take up and
make it happen.
