• 1 Post
  • 8 Comments
Joined 1 year ago
Cake day: November 19th, 2024

  • I use a yubikey for ssh access mostly (setting it and GPG signatures with an unextractable key was fun and messy). Moving a secret key across machines became quite easy to do in a secure manner. I was thinking about making it a boot key for my portable laptop, but ended up just having a throwaway policy about its contents and relatively weak encryption passwords not worth bruteforcing. Losing a key to a laptop that could be lost itself, on the other hand, sounds like quite a shame. With a stationary server, I don’t know, I feel like anything more complicated than a power switch that could be operated with physical access IMO does not provide extra security because a yubikey left in a rack is just as hard to push as a power button.

    Also make sure you have more than one, they could easily break, be lost, or eaten by a dog named Kubernetes. Seriously, I had friends who neglected this advice and got in a mess.

    It’s not like I’m a fan of yubikeys, I just happened to get quite a lot of them on one of the gigs I was doing and had to come up with sensible uses. Well, signing git commits and other gpg stuff was not sensible.








  • Yeah, the whole point was to make fun of web2 development as it went. Now he has web3 logins too, which are way more awkward than anything before, but, like, work with as few 3rd parties as possible.

    The regular login is just a password that fetches creds stored in local storage without any cookies. Most of the time one wouldn’t even notice it, and it's as secure as CORS/HTTPS (which would screw you if not working properly anyway). Kind of shows what a pile of data-stealing nonsense this all is.