Feature #12084

Add out of the box support for Nitrokey

Added by Anonymous 2016-12-26 08:38:06 . Updated 2017-07-17 15:58:47 .

Status:
Rejected
Priority:
Normal
Assignee:
Category:
Target version:
Start date:
2017-07-10
Due date:
% Done:

100%

Feature Branch:
Type of work:
Discuss
Blueprint:

Starter:
Affected tool:
Deliverable for:

Description

Add support for Nitrokey Pro and Nitrokey Storage without additional Software

Subtasks

Feature #13452: Please add Nitrokey-App to support Nitrokey HSMs out of the box Duplicate

0

History

#1 Updated by intrigeri 2016-12-26 13:48:02

  • QA Check set to Info Needed

Please describe the use case this would address, and what software is missing.

#2 Updated by mercedes508 2017-01-08 11:58:50

  • Assignee set to goupille

#3 Updated by Anonymous 2017-06-27 11:12:18

  • Status changed from New to Rejected
  • QA Check deleted (Info Needed)

Bug reporter without user account, no input since 6 months -> rejecting.

#4 Updated by cane 2017-07-07 11:51:11

Request to re-open the ticket.

Nitrokey is a hardware security module (HSM) with USB interface, which keeps the private OpenPGP keys or private X.509v3 in a secure environment. All cryptographic operation with private keys are computed on the HSM. The private key will never leave the secured environment.

Additional offers Nitrokey 8 slots for one-time-passwords (HOTP and TOTP) for secure login on web-services nd 8 slots for static password. All passwords are stored encrypted on the USB device.

The most advanced version of Nitrokey is “Nitrokey storage”. This version offers additional Veracrypt encrypted storage up to 32 GB. Encryption/decryption to access the storage is done in transparent way, installation of Veracrypt is not required.

For more detailed information you may have a look at the website: https://www.nitrokey.com

To use the advanced features like HOTP/TOTP, password safe and encrypted storage the software Nitrokey App is required. May be, it would be a nice feature, to have this software pre-installed in TAILS to make it easy for security affine users to use the Nitrokey HSMs out of the box with TAILS.

Nitrokey App is part of Debian 9.0 and can bei installed from Debian main repository.
See: https://packages.debian.org/stretch/nitrokey-app

I’m a supporter of the Nitrokey project and I can answer all questions related to this.

All software and hardware components of the Nitrokey project are Open Source.

Thank’s

#5 Updated by intrigeri 2017-07-17 15:58:47

  • Assignee deleted (goupille)

FWIW at least within Debian, this seems to be extremely little used: https://qa.debian.org/popcon.php?package=nitrokey-app.

AFAICT that’s exactly what the Additional Software Packages feature is for, and we are actively working on making it much nicer to use :)

So let’s reopen this discussion only once strong arguments are provided in favour of installing this by default. I’ve seen no such thing posted here yet.