1. 1

    Looking forward to having filter support. No more shelling out to rspamd (I hope)!

    1. 4

      I’m not clicking that :P

      1. 3
        1. 1

          No viruses… so far.

        1. 1

          Interesting. I’m using Matrix at the moment, but I’ll be keeping an eye on this.

          1. 3

            The offhand ‘even perl’ in there struck me as unfair. It reminds me that perl is actually pretty fast (specifically at startup, but my recollection was also that it runs quickly):

            $ time for i in `seq 1 1000`; do perl < /dev/null; done
            
            real    0m2.786s
            user    0m1.337s
            sys     0m0.686s
            
            $ time for i in `seq 1 1000`; do python < /dev/null; done
            
            real    0m19.245s
            user    0m9.329s
            sys     0m4.860s
            
            $ time for i in `seq 1 1000`; do python3 < /dev/null; done
            
            real    0m48.840s
            user    0m30.672s
            sys     0m7.130s
            
            
            1. 1

              I can’t comment on how fast Perl is, but you are measuring the time taken to tear down here too.

              The correct way would be to take the raw monotonic time immediately before invoking the VM, then inside the guest language immediately print it again and take the difference.

              P.S. Wow Python3 is slower.

              1. 2

                but you are measuring the time taken to tear down here too.

                I guess so? I’m not sure that’s a useful distinction.

                The people wanting “faster startup” are also wanting “fast teardown”, because otherwise you’re running in some kind of daemon-mode and both times are moot.

                1. 1

                  The people wanting “faster startup” are also wanting “fast teardown”

                  Yeah, I guess I agree that they should both be fast, but if we were measuring for real, I’d measure them separately.

                  1. 1

                    I’m not sure that’s a useful distinction.

                    If latency matters then it could be. If you’re spawning a process to handle network requests for example then the startup time affects latency but the teardown time doesn’t, unless the load gets too high.

                2. 1

                  Hah before I read the comments I did the same thing! My results on a 2015 MBP - with only startup and teardown on an empty script, and I included node and ruby also:

                  ~/temp:$ time python2 empty.txt 
                  real    0m0.028s
                  user    0m0.016s
                  sys     0m0.008s
                  
                  ~/temp:$ time python3 empty.txt 
                  real    0m0.042s
                  user    0m0.030s
                  sys     0m0.009s
                  
                  ~/temp:$ time node empty.txt 
                  real    0m0.079s
                  user    0m0.059s
                  sys     0m0.018s
                  
                  ~/temp:$ time perl empty.txt 
                  real    0m0.011s
                  user    0m0.004s
                  sys     0m0.002s
                  
                  ~/temp:$ time ruby empty.txt 
                  real    0m0.096s
                  user    0m0.027s
                  sys     0m0.044s
                  
                  1. 2

                    Ruby can do a bit better if you don’t need gems (and it’s Python 3 here):

                    $ time for i in $(seq 1 1000); do ruby </dev/null; done
                    
                    real	0m31.612s
                    user	0m27.910s
                    sys	0m3.622s
                    
                    $ time for i in $(seq 1 1000); do ruby --disable-gems </dev/null; done
                    
                    real	0m4.117s
                    user	0m2.848s
                    sys	0m1.271s
                    
                    $ time for i in $(seq 1 1000); do perl </dev/null; done
                    
                    real	0m1.225s
                    user	0m0.920s
                    sys	0m0.294s
                    
                    $ time for i in $(seq 1 1000); do python </dev/null; done
                    
                    real	0m13.216s
                    user	0m10.916s
                    sys	0m2.275s
                    
                    1. 1

                      So as long python3 is faster than ruby/node, we are ok…?

                  1. 25

                    This seems a good time to promote a paper our team published last year (sorry to blow my own trumpet :P ): http://soft-dev.org/pubs/html/barrett_bolz-tereick_killick_mount_tratt__virtual_machine_warmup_blows_hot_and_cold_v6/

                    We measured not only the warmup, but also the startup of lots of contemporary JIT compilers.

                    On the a quad-core i7-4790 @ 3.6GHz with 32GB of RAM, running Debian 8:

                    • C was the fastest to start up at 0.00075 secs (+/- 0.000029) – surprise!
                    • LuaJIT was the next fastest to start up at 0.00389 secs (+/- 0.000442).
                    • V8 was in 3rd at 0.08727 secs (+/- 0.000239).
                    • The second slowest to start up was HHVM at 0.75270 secs (+/- 0.002056).
                    • The slowest overall to start up was JRubyTruffle (now called TruffleRuby) at 2.66179 sec (+/- 0.011864). This is a Ruby implementation built on GraalVM (plain Java on GraalVM did much better in terms of startup).

                    Table 3 in the linked paper has a full breakdown.

                    The main outcome of the paper was that few of the VMs we benchmarked reliably achieved a steady state of peak performance after 2000 benchmark iterations, and some slowed down over time.

                    1. 1

                      I saw a talk about this. Very cool stuff! It is a good antidote to the thrall of benchmarks.

                      1. 1

                        Cool work! You should make that a submission on its own in the morning in case someone misses it due to a filter. For instance, people who don’t care about Python specifically like main post is tagged with. Just programming, performance, and compiler tags should do. Good news is a lot of people still saw and enjoyed it per the votes. You definitely deserve an “authored by” submission, though. :)

                        1. 3

                          It was on the lobsters front page about six months ago. https://lobste.rs/s/njsxtv/virtual_machine_warmup_blows_hot_cold

                          It was a very good paper and I personally wouldn’t mind seeing it reposted, but I don’t actually know what the etiquette for that is here.

                          1. 1

                            I forgot. My bad. I should probably do a search next time.

                      1. 3

                        Well I’ve been using Rust for about a year now, and this article really only beings to scratch the surface. Error handling in Rust is actually quite involved and requires a fair amount of study when you are new to the language.

                        Take a look at the section in the Rust book on error handling for an idea of what I’m talking about (the first edition of the book explains better than the second edition IMHO).

                        The failure crate that the author touched on claims to improve the situation, but I’ve not yet tried it.

                        1. 6

                          I’ve been using Riot for about 2 years now. It shows promise, but has some teething issues:

                          • Initial implementation in Python is a resource hog. There’s an official effort to reimplement in golang, but it seems like the team’s time is mostly spent keeping the existing infrastructure running.
                          • E2E key validation is pretty bad. Every device has to verify every other device. As a result, no-one checks the authenticity of devices because it takes too long.
                          1. 1
                            E2E key validation is pretty bad. Every device has to verify every other device. As a result, no-one checks the authenticity of devices because it takes too long.
                            

                            You can just ignore this and press send anyway which makes it as secure as every other E2E service because manually checking everyones key is way too much work.

                            1. 2

                              That’s the equivalent of adding a local exception when hitting a HTTPS website whose key is bogus.

                              So yes, you’d get encryption, but not authentication. The recipient may not be who she/he says she is.

                              1. 2

                                I don’t think any of the other IM services have solved multi device E2E either but I seem to remember there being some work on when you sign in on another device you get a popup on your existing device asking if it’s yours and sharing the key.

                                1. 2

                                  That (or something similar) is what they’ve said they are aiming for I think. A change I welcome!

                                  1. 1

                                    Keybase has an IM solution (the client is pretty bad) that supports multi device E2E.

                              2. 1

                                E2E key validation is pretty bad. Every device has to verify every other device. As a result, no-one checks the authenticity of devices because it takes too long.

                                This sucks a lot, yeah. Especially with people using throwaway browser sessions.

                              1. 1

                                This reminds me that we are still light-year away from the simplicity of hypermedia when embedding software. I understand their objective is to “Run Program Faster Anywhere” but once you show the polyglot approach I will ask if it’s possible to do it inline and mix languages. Very sad to see that it’s not possible (yet).

                                Also the examples are missing a “start from python”, is it possible? Silly me, there is

                                1. 3

                                  VMs written on Graal/Truffle effectively do inline by runtime AST specialisation. The various languages share a common AST representation whereby nodes can be specialised and compiled down to native code.

                                  Cross-language tracing has also been done with RPython: http://soft-dev.org/pubs/html/barrett_bolz_tratt__approaches_to_interpreter_composition/

                                  (disclaimer, I’m one of the authors of that linked paper)

                                  1. 1

                                    Even the Parrot vm had the same very simple and abstract instructions and you could run every scripting language on top of it. What I was trying to point out is that mixing different languages in the same source code is still not a thing. I was thinking at % magic commands available when using ipython, like %R to call some R code.

                                    1. 1

                                      It’s not a widespread thing, no. Probably because it comes with some tricky practical challenges (type conversions, performance, grammar composition, …). Nonetheless it can be done efficiently. The paper I linked allows Python and Prolog code from the same file to be JITted. Later we published a paper showing that we can JIT PHP and Python code from the same file.

                                      The real question though is, is that level of granularity useful? Our PHP/Python system allowed cross language closures between arbitrarily deeply nested scopes, but we didn’t find any particularly compelling examples of why that might be useful :P

                                1. [Comment removed by author]

                                  1. 2

                                    Likely some sort of transpiler from one bytecode to another, I would imagine.

                                    1. 1

                                      Thank you for the response.

                                      For the rest of the thread, my deleted comment was “This seems like witchcraft. How does it work?” I deleted it because I thought I was being lazy. (Now I am adding it back in because it’s a pet peeve to see answers to deleted questions.)

                                      Here is an article (I have yet to read) on how the Graal VM works:

                                      http://chrisseaton.com/truffleruby/jokerconf17/

                                      1. 2

                                        There are no bytecodes involved. All of the languages share a common AST representation where nodes can be compiled and specialised if they are frequently executed.

                                  1. 10

                                    Cool that you went and did this! I built @technomancy’s atreus a while back, but don’t actually use it. I should, though…

                                    1. 3

                                      Thanks - that’s a very cool looking keyboard!

                                      1. 1

                                        Why don’t you use it?

                                        1. 4

                                          The reason I don’t use it is simply because I don’t want to become dependent on it. @technomancy travels everywhere with his, and sets it up on top of his laptop keyboard. I could try that, I suppose, but it seems like a habit that’d be very hard to get into. Above all, I don’t have pain from regular laptop keyboards, so the increased ergonomics haven’t pushed me into it by necessity.

                                          But, now that I’m saying this, I really should give it more of a chance, and try it again… There’s no reason not to, for sure.

                                          1. 3

                                            I don’t think learning a new keyboard will prevent you from using your laptop keyboard.

                                            I switch freely between a maltron 3d and a thinkpad keyboard. The biggest challenge is learning the new keyboard in the first place (about 2 months for the maltron)

                                            1. 1

                                              You’re right, it doesn’t stop me from using a different keyboard. I spend enough time away from my desk, though, that I feel I’d have to bring it with to ever get comfortable with it.

                                      1. 23

                                        compsci would be appropriate. If there’s a significant number of people reading about compsci who don’t want to read about plt or vice-versa, speak now or forever hold your whitepapers.

                                        1. 3

                                          I’d like to see compsci used for something that is theoretically focused but used in conjunction with a “modifier”, like ai, or networking, or plt, or algorithms. But maybe I just think of tags differently than others…

                                          1. 3

                                            I, too, would love me a plt tag. It would nicely complement formalmethods.

                                            1. 3

                                              What this tells me is I need to find and post more compsci articles that aren’t also about plt.

                                              1. 3

                                                Yes please.

                                                (I’m a computer scientist by day)

                                                1. 2

                                                  I’d love a specific PLT tag.

                                                  1. 1

                                                    For clarity, do you mean reply to this post to say ‘yes please’ (in which case: ‘yes please’), or do you mean reply and/or upvote the OP?

                                                    1. 1

                                                      Anything, really.

                                                    2. 1

                                                      There have been a couple people people asking for this - if you see this, could you expand on why you want a tag that’s specifically separate from compsci?

                                                      1. 7

                                                        Here are some highly-rated Lobsters posts about compsci but not plt:

                                                        Here are some highly rated posts where plt may be a good fit:

                                                        The way I see it, practices, programming, and compsci are very broad catch-alls for cases where we don’t have enough density to make a dedicated subtopic. python, networking, and ai are all subtopics of programming. compilers and formalmethods are subtopics of compsci. I think there’s probably more people interested in PLT than Formal Methods here, so plt would be a useful subtopic.

                                                        1. 3

                                                          I’ve added a plt tag with the description “Programming language theory, types, design”.

                                                    1. 4

                                                      Pretty unpleasant results - often-inconsistent behavior makes it hard to even define “performance after warmup”, and lots of measurements end up finding that the “steady state” is either unsteady or worse than the startup behavior.

                                                      Nice, and quite thorough, work!

                                                      1. 2

                                                        Thanks :)

                                                      1. 1

                                                        This seems really long for a conference paper. Is it a longer version?

                                                        1. 2

                                                          The Appendix was not included in the published version, but instead supplied in the supplementary material archive.

                                                        1. 151

                                                          Hi jcs,

                                                          In an attempt to preserve a community which has been a large part of our lives for a better part of the last few years, @angersock @pushcx @355e3b @alynpost and a few other of the IRC folks feel that we can take over running the website. @alynpost will be able to provide the hosting in Santa Clara, CA under pgrmr’s infrastructure. @pushcx will assume the role of head administrator and take over the domain name along with the Twitter account. @355e3b and @aleph- will take over the care and feeding of the Rails codebase.

                                                          We will not be making any moderation changes at this time—continuity is the important thing.

                                                          Our transition plan is as follows:

                                                          • @pushcx will take over the domain name and Twitter account; @angersock will also have access to resolve emergencies.
                                                          • @pushcx will set up a GitHub organization to own the repository long-term.
                                                          • @alynpost will provision new hardware.
                                                          • @355e3b and @aleph- will take over the administration of the IRC channel on Freenode.
                                                          • @alynpost will invoice @angersock, @pushcx and @355e3b for the costs of running the server long-term.
                                                          • @pushcx and @alynpost will pick a deadline by which anyone who wants their private messages or email address deleted should request it. Once that date has passed, we will pick a date and time for the migration to occur.

                                                          This is solely to ensure continued hosting and maintenance of the website, and a continuation of the community. Long-term, if the existing moderators wish to step down, @pushcx will be responsible for picking new candidates.

                                                          We would also like to thank you for all of your years of work put into this.

                                                          ― #lobsters IRC regulars (aka the clawlateral committee)

                                                          1. 77

                                                            And I assume @tedu will be in charge of the TLS certificates?

                                                            1. 21

                                                              This comment made me super happy :D - Thanks!

                                                              1. 1

                                                                Joker!

                                                              2. 56

                                                                That sounds like a great plan, thanks for putting that together. I’ll feel better knowing the site will be managed by a group instead of falling all on one person.

                                                                1. 22

                                                                  Glad to see your approval. :)

                                                                  /u/pushcx should be the central point of contact for the migration deets. We’ll keep the community updated!

                                                                  1. 26

                                                                    Great! We’re really happy to step up and take good care of a community we love.

                                                                    And, for the community: the first update is that I just started an email discussion with me, jcs, and alynpost to handle the technical details of the migration. I’ve migrated barnacl.es a few times, so I’m familiar with the procedure. My guess for a timeline is two weeks, but that’ll be adjusted if needed. I’ll post a comment in this thread when we’ve picked a date or there’s otherwise news.

                                                                2. 18

                                                                  This sounds great. I’m thrilled to see people working together on this. :)

                                                                  1. 10

                                                                    I got back from talking to the people planning out the transition (aleph, push, socky, goodger, alyn, 355, irenes) on Mumble and IRC - they’ve all been wonderful people putting in their best to ensure the community will experience a smooth transition and avoid any turmoil.

                                                                    1. 10

                                                                      Awesome, glad to have regulars and good people taking things over.

                                                                      I would strongly recommend, and as a lobste.rs regular personally request that as a group you take a bit of time to define some basic agreement about decision making and ownership, so that it is clear between you all, and also to the community.

                                                                      This is not a problem when there’s one guy in charge - it’s simple and clear and whether you agree with them or not you have consistency and stability (thanks @jcs !)

                                                                      When there’s more than one, you need extremely strong value alignment and high levels of trust. If you guys have not known each other for 5+ years and can meet in the same bar to share a beer, you need to talk about and get down some basics. Who makes decisions, how, when; who is in control of the domain / hosting / features / community management.

                                                                      Personally, I like the ‘benevolent dictator’ situation. It reduces ambiguity and facilitates short sharp clear decisions. Greater than 2 people needs work to define that recognises that you will eventually have a conflict, that some of you will come and go, and that there is no way you can all have perfect understanding of what each other wants for this community and what your values are.

                                                                      Not doing this is a valid choice too; equal to commitment to cede to whoever has ‘root’ and control of the hosting and then domains if a conflict happens, and requiring proactively thinking about forking / commuity splits.

                                                                      1. 6

                                                                        The way that I personally view it is, @pushcx will step into @jcs’s role and take over as the benevolent dictator.

                                                                        1. 2

                                                                          Is that what you’re thinking too @pushcx ?

                                                                          1. 10

                                                                            That’s the current plan I’m executing on, yes. I want to continue this excellent community. Lobsters is in a good place: we have a healthy, active userbase, the code is stable, bug-free, and has little need for new features, and I’m on sabbatical so I have plenty of time and attention to devote to a smooth transition.

                                                                            After the migration is complete I think it’s worth having a new meta thread about if we want to shift to a new community governance model. I’m comfortable being BD for years if not indefinitely, but there’s enough folks talking about community models that I want to have a dedicated discussion to explore examples and consider the option.

                                                                        2. 4

                                                                          One of the guiding principles we talked about a lot during the clawlateral committee meeting was that we wanted to stray as little as possible from the existing governance structure for the time being–the site has done well in its current incarnation, and @pushcx is we believe a good steward to carry on the precedent set by @jcs.

                                                                          The plan explicitly has redundancy in roles (think failover) for all important things you mentioned. We also tried to follow a principle of least-trust and a little bit of separation of powers for the failover folks, so that continuity of service is easy but forking and hijacking is hard.

                                                                          1. [Comment removed by author]

                                                                            1. 3

                                                                              So what moderation changes will you make later?

                                                                              The first rule of intelligent tinkering is to keep all the pieces. When we say we will not be making any moderation changes at this time, we mean that we have no moderation changes to make. This group volunteered to operate lobste.rs because we like the way the website has been run. We will moderate with the same principles the site has always operated on. The moderation log is available for public inspection. Changes to the site, just like the one announced here, will be discussed in their own meta thread.

                                                                        3. 6

                                                                          Thank you all. I work a lot, don’t know Rails, and don’t really have anything constructive to contribute, but this is far and away the best signal to noise community I’m involved with and I really appreciate it.

                                                                          If throwing money at the problem will help the new maintainers along please consider setting something up and I’ll chip in.

                                                                          1. 4

                                                                            They said they should be able to pay for everything out of pocket, as far as I know.

                                                                          2. 6

                                                                            Does this mean we can finally get an @angersock plushie?

                                                                            1. 2

                                                                              You guys were my first thought when I saw this post lol. Thanks for your continued commitment to the community ~

                                                                              1. 1

                                                                                Thanks @angersock, @pushcx, @355e3b, @alynpost!

                                                                                I’d hate to see lobsters die!

                                                                                1. 1

                                                                                  I love how fast this plan was put together and I feel it will be in good hands. I was scared seeing this post and am excited to see the community I love will keep going and be in good hands!

                                                                                1. 6

                                                                                  Man, I would not want to admin a service where walking the dependency graph was in danger of exhausting stack.

                                                                                  1. 3

                                                                                    Well - that is a point. I’d expect that the number of services required to exhaust the stack would be pretty high, much higher than what you’d see on a normal system. Maybe reducing stack usage is an unnecessary concern, in this case. However, it’s always bothered me that the precise amount of stack available is something of a magic number, and that we rely so heavily on not exceeding that number even without knowing what it is, how much particular functions use, and in particular without having a reliable way to cleanly back out when we do overflow the stack.

                                                                                    (the post was intended largely as an illustration of general principle - that of playing it safe, and not assuming resources will be available - rather than as an a solution to a problem that was actually being observed. This extends to many other things, but it’s hard to cover them in a concise blog post, and it’s hard to find time to write a lengthier blog post, unfortunately…)

                                                                                    1. 6

                                                                                      The author of https://bearssl.org/ did something super interesting. He implemented parts his code in a forth variant, but also coded a static checker to guarantee the maximum stack depth so he can allocate his coroutine stacks in a fixed size buffer with assurance it will not go out of bounds and without dynamic allocation.

                                                                                      Super awesome stuff.

                                                                                      1. 5

                                                                                        Knowing how to avoid recursion, and converting to an explicit stack is definitely a useful skill. No argument.

                                                                                        In this scenario, I might also simply consider a depth counter. Adding a limit is simpler, and one could argue should be the default for any recursive function. It’s still a guessing game to right size the limit, but one can usually make some assumptions, multiply by the fudge factor, and still come out with something that avoid catastrophic failure.

                                                                                        1. 2

                                                                                          Kind of a side note: some languages include an independent recursion depth counter which would be exceeded before the real stack is exhausted. For example, Python raises a catchable RunTimeError, allowing you do potentially recover. Not sure if C++ has such a feature.

                                                                                          (No, I’m not advocating you should write an init system in Python :P )

                                                                                          1. 1

                                                                                            Not sure if C++ has such a feature.

                                                                                            Nothing built-in. You could probably wrap a depth counter in a class which auto-incremented in the copy constructor, and pass it as a parameter to each function (but of course the function signature has to change accordingly).

                                                                                    1. 2

                                                                                      I wonder why they made this an entirely new app, and not just a feature of regular firefox for android…

                                                                                      1. 5

                                                                                        I suspect, better user model (in UX terms). People would treat it as a new kind of thing instead of another complication to an already complicated app (all browsers are complicated).

                                                                                        1. 2

                                                                                          It’s at least a different user model. I’ve been using it alongside Firefox and it’s better for me for some things, worse for others. In some ways it’s too minimalist for me: you can have exactly one window open (no tabs), and it’s always an incognito window. That’s great for some things, but for example I don’t use it for lobste.rs, because I don’t want to re-log in every time I visit here. I like it as a default search app though.

                                                                                          1. 3

                                                                                            Looks like “do I want to log in for that” is the one definitive question to ask yourself when choosing “full browser” over “temporary browser” every time. I just wish there’d be a better way to not have to choose it in Android every time :-)

                                                                                            1. 1

                                                                                              For me it will be “Do I want to log in/add it to my list of tabs to read later?”

                                                                                              After using it for a bit,
                                                                                              Open with… is a great idea to get URLs into your real browser.
                                                                                              I think zero history might get a bit annoying, you won’t be able to find, “What was that movie I was looking up the other day? Oh rats, it was in Firefox focus”.

                                                                                          2. 1

                                                                                            Yeah, maybe. I’ll give it a shot anyways.

                                                                                          3. 2

                                                                                            I use both FF and Focus on iOS, and Focus just fits my model better. Open a site, browse, close or - alternatively - open it in the “real” Firefox for more heavyweight stuff. It’s really nice for people that never close their tabs anyways. :)

                                                                                            1. 2

                                                                                              I’m using Focus as the default browser so it opens up links from external apps (since it’s fast and private), then regular Firefox for heavier duty browsing and stuff I actually want synced into my history.

                                                                                            1. 1

                                                                                              Can you imagine taking that on the train? Really?

                                                                                              1. 2

                                                                                                vmm can boot ISO images now! Great!

                                                                                                (and, as others have pointed out, running docker inside a Linux VM is kinda cheating :P )

                                                                                                1. 13

                                                                                                  Storing my key on the phone… Isn’t that exactly what we don’t want?

                                                                                                  1. 6

                                                                                                    I wouldn’t trust my phone to store secrets. LG patch it only about twice a year. Even Google only patch their phones once a month. And we have not even started talking about intentional backdoors… So for the same reason I don’t (any more) store GPG keys on my phone, I will not store SSH keys on my phone.

                                                                                                    I was wondering, how does the SSH client talk to the phone?

                                                                                                    1. 5

                                                                                                      Your phone (at least for iOS) actually has pretty good secret storage. There was a great talk at BlackHat a few years ago about what Apple does: https://www.youtube.com/watch?v=BLGFriOKz6U

                                                                                                      1. 7

                                                                                                        Yes, also some Android devices have it too (TEE/SE). The thing is that, if the device has none of these, any app with enough privileges could read your keys… just like on your computer.

                                                                                                        I wouldn’t claim my computer to be saver (okay, okay, I actually would) but this “second factor, put all the trust into a corporate controlled, highly connected, often stolen mobile device” doesn’t make anything better.

                                                                                                        Long story short : Use a Smartcard!

                                                                                                        1. 1

                                                                                                          Smartcard++ It offers the convenience of having the keys on the device, while not having the keys on the device (at least on android - I haven’t found a way to do smartcards on iOS)!

                                                                                                          1. 2

                                                                                                            Could you provide a link?

                                                                                                            1. 1

                                                                                                              OpenKeychain is what I am using along with k-9 mail and Password Store, the auth api is still wip. I should have specified that I am not doing ssh stuff yet, sorry if I got your hopes up! :D

                                                                                                              1. 2

                                                                                                                Ah this is the same setup as mine, but I’m using a yubikey neo (with nfc) to read the keys

                                                                                                    1. 5

                                                                                                      I also did not know about this!