Remix.run Logo
jmole an hour ago

My simple process is:

0) agent gets its own separate git user and ssh key, separate from mine

1) branch protection rules on main, only I can approve merges into main

2) any other ssh key uses (interactive login, direct git access, etc.) are ed25519-sk keys and require a touch on yubikey.

TBH, the biggest hole is that it can be unclear exactly what process is requesting a touch on the yubikey. Apple has a head start here because they can lock down the TouchID UX relatively well, but unfortunately they don’t seem to care about building a polished developer experience for 2FA on sensitive tasks.

They are probably waiting for someone else to build the right solution and then copy/steal it.