Synchthing + Yubikey NEO = very good security

GuruMeditation · July 24, 2014, 8:19am

Hello,

I think it would be a great killer app if we could off-load the secret key onto the Yubikey NEO. This can be done by generating an ephemeral key given a user pin/password and storing it onto the NEO or by using the OpenPGP applet included in the device.

By doing so Synchthing wouldn’t need to store the key ever on the hard-drive / ram.

For info on the Yubikey NEO: you can check Yubico website, they have a github repository github.com/yubico and opensource.yubico.com website.

Regards, GuruMeditation.

calmh · July 24, 2014, 8:58am

The Yubikeys are nice. Question is though, what are you protecting against? At the core, syncthing syncs your files between computers, and the files are on disk. If an attacker can get at the key on your disk, they also already have your files.

GuruMeditation · July 24, 2014, 9:41am

Hello Calmh,

I understand your point and you are right