I use an openpgp smartcard called NitroKey to store in hardware my private keys for my production server. This is a pretty common set up with lots of companies deploying these and other brand of keys around the world. Other brands are Yubikey and Google have just brought out their own key as well.
When using ssh to access my server, I needed to make changes to how ssh handles keys. This means that you are modifying ssh as a whole, so any regular private keys you use (such as git commit keys or other servers) won't work without adding them to the gpg-agent.
It's early morning and I'm waiting for my daily ride on the tramtrain to Rotherham Parkgate. The weather is rainy but not too cold.
The everyday commute has a bad reputation but truthfully, it not that bad. If you travel on public transport like I do, you can do whatever you want. It's kind of freeing, allowing you to do what ever you want. I'm currently listening to a podcast whilst writing this whilst traveling to my destination. It's great when it works.
So I've just got WriteFreely working, let see if I can muster enough will to start using this blogging platform.
It wasn't that hard to install and the docs are very simple to follow. I have the code running on the bare os, but the database is an instance of MariaDB I have running in docker. All works as intended and the config is easy to change if I need to update any of the site.