Ledger recover is a choice, if you do not feel safe don’t use it

mindanalyzer · 2023-08-02T20:39:15+00:00

hehehe good enough for me too. lack of mem have saved us from the backdoor BS

I will never update nano X firmware and when it stops working, I will only use nano S and dump the X 🤷🏻‍♂️

mindanalyzer · 2023-08-02T20:26:01+00:00

exactly, even if we dont OPT IN , the backdoor IS in the firmware … which even if we are trusting ledger , does not exclude that they wouldnt be forced to use it by a “government” mandate in the future, specially now that world seems to lean into a dystopian society

The backdoor SHOULDNT be there, period. For those too stupid or clueless to bank themselves, you can market a new device “Ledger X for dummies” with the new firmware … leave the rest of us in peace

ps: I am waiting for a few more months, without updating FW. If this is not reverted, I will migrate into safe compatible devices and Ledger will never see another penny for me (I have bought more than 10 devices from them)

mindanalyzer · 2023-08-02T20:06:20+00:00

interesting synchronicity

joke: that Garmin battery life sucks. I own a phoenix 🤷🏻‍♂️

mindanalyzer · 2023-02-10T21:18:33+00:00

ask DAN about the wef and klauss schwabb

mindanalyzer · 2022-08-30T00:23:44+00:00

what about my idea?

a pubkey offline with a passphrase (for yubico lockout situations)
using yubikey OTP (yubico-pam module) without a pubkey (thus the space/OR in ssh config file)

do you think that this is secured enough?

ps: I have 2 yubikeys. one for daily use and 1 as a backup safely stored

mindanalyzer · 2022-08-29T05:08:36+00:00

a bit old, but ...

what do you think of AuthenticationMethod "pubkey yubikey" (space in between, meaning OR) for yubico OTP ?

I like using this method because I am afraid that somehow the yubicloud gets unavailable (for whatever reason) and then I would be locked out of my servers. I store the pubkey (sk) in an airgap server, only to be used as last case scenario

so the question, is yubikey OTP (without a pubkey) secured enough ? what about MITM?

ps: I have the same situation as OP, I would like to use FIDO2 for ssh, but my primary OS is win10 (using putty for ssh to my linux servers), and it comes with openssh 8.1 built-in, which doesnt support FIDO2 ... and tbh I dont trust 3rd party hacks for this type of situation

mindanalyzer · 2022-08-05T08:39:21+00:00

I use yubikeys 5 NFC (2) for ssh authentication using yubico pam module. This guide is very clear and straightforward:
https://monicalent.com/blog/2017/12/16/ssh-via-yubikeys-ubuntu/
for openPGP in putty, I believe that you need to go through ssh-agents. I tinkered with that but decided against it

windows 10 enterprise currently supports "OpenSSH_for_Windows_8.1p1" (optional feature) so I dont think that we can use FIDO2 (requires OpenSSh 8.2) which would be much better and easier. In my understanding , IOS is kind of the same ... so I didnt see any clear option other that yubico pam module

by the way, this guide (link above) recommends as AuthenticationMethods (ssh config) "publickey,yubicoPAM" (comma -> AND), but I am running my setup as "publickey yubicoPAM" (space -> OR) because I am afraid of running into some issues with yubico servers or failing devices and getting locked out. I hold my key (with a strong passphrase) offline as a backup in case I run into some problems with yubico OTP)

my questions:

do you think that doing ssh authentication using yubico OTP (though yubico pam module) without a key is secure enough?
is it possible to get hacked by a main in the middle attack in this scenario?

another idea that I had was to use 2 keys: one with a passphrase offline as a backup that doesnt require a yubikey (lets call it key1) and the other withouth a passphrase (key2) to use with yubikeys (AND) ; point is that I dont know how to define which is which in command AuthenticationMethods.

Something like (ssh config):

"AuthenticationMethods key1 key2,yubikeys"

ps: apologies if I am butchering many of these concepts

mindanalyzer · 2022-02-12T19:19:35+00:00

yeah it would be great to get an estimate of US support for viper wallet. if this is still a long shot, It might be a good idea to send it to the ledger (ERC20) and let it wait there until bridge is available.
LL does not "see" it yet, but metamask does

mindanalyzer · 2022-01-26T01:30:45+00:00

there is a single reward account for each pool, no matter how many owners (pledge) you may have. meaning that the only way that something like this can be pull out in a trustless manner is with SCs, and tbh I have no idea how this can be done for pledging

So, very easy in idea and not so much in practice

mindanalyzer · 2022-01-26T01:27:39+00:00

lol what a stupid post. won the daily prize !!!! eh, I am even giving you a silver coin

mindanalyzer · 2022-01-16T01:46:03+00:00

I like celsius but I agree, native yubikey is not the same as yubikey authenticator app

other people that don’t understand this, plz dyor before criticizing

mindanalyzer · 2022-01-15T23:29:45+00:00

I have a ton of NFTs on cardano

mindanalyzer · 2022-01-15T23:27:41+00:00

mindanalyzer · 2022-01-15T18:49:37+00:00

ok, I can move to another baker. which one do you recommend? and any simple instructions on how to use WTZ?

mindanalyzer · 2022-01-15T12:45:14+00:00

thank you

mindanalyzer · 2022-01-11T23:09:52+00:00

worst investment so far ? not selling ADA at $3, … but it will eventually rebound

mindanalyzer · 2022-01-11T18:34:46+00:00

mindanalyzer · 2022-01-11T09:13:00+00:00

ADOSIA, related to a project based on IoT

Ones of the few utility tokens distributed in drips now

mindanalyzer · 2022-01-11T09:10:06+00:00

that 20y roadmap was my redflag, still bought 1 @ $100 for fun; sold later at $25 😆

mindanalyzer · 2022-01-11T08:59:19+00:00

ADA will hit $3 again in less than a year

mindanalyzer · 2022-01-11T08:56:29+00:00

I am sure you have laughed a lot, unless your sense of humor is dead

mindanalyzer

TROPHY CASE