OpenSSH 8.4 available, improves the security when using U2F security tokens:

– The PIN for resident keys is now required (FIDO 2.1 credProtect extension).
– The signing of web challenges is now restricted for the ssh-agent.

Furthermore, observe the "future deprecation notice" regarding weak ssh-rsa public keys.

Sign in to participate in the conversation – a Fediverse instance for & by the Chaos community