
Offline PKI using 3 Yubikeys and an ARM single board computer


Setup of an offline PKI system with 3 YubiKeys and a Libre Computer Sweet Potato ARM64 SBC. This may contain some traces of Nix.

An offline PKI enhances security by physically isolating the certificate authority from network threats. To ensure the operations on the root and intermediate CAs are air-gapped, a cost-efficient solution is to use an ARM64 single board computer. The setup provides a package for the offline-pki application, with shell completion; a development shell, including an editable version of the offline-pki application; a NixOS module to set up the offline PKI, resetting the system at each boot; a QEMU image for testing; and an SD card image to be used on the Sweet Potato or an ARM64 SBC.
