SSH and Yubikeys
Yubikeys are a popular hardware security token that can be leveraged for WebAuthn/FIDO2, OTP/TOTP, and Smart Card/PIV purposes. Since SSH supports FIDO security keys and Git leverages SSH for operations, you can use them for Git over SSH as well as commit signing via SSH keys. However, there are some prerequisites. First, the Yubikey must be on firmware version 5.2.3 or newer for ed25519-sk key pairs. Firmware prior to this only supports ecdsa-sk and ECDSA is not recommended by the cryptographic community....