Publishing Gems With Your YubiKey | Tenderlovemaking
28-Oct-2021 1375
The recent compromise of ua-parser-js has put the security and trust of published packages at the top of my mind lately. In order to mitigate the risk of any Ruby Gems I manage from being hijacked, I enabled 2FA on my RubyGems.org account. This means that whenever I publish a Ruby Gem, I have to enter a one time passcode.I have to admit, I find this to be a pain. Whenever I do a release of Rails, I have to enter a passcode over and over again because you can only push one Gem at a time.Finally I’ve found a way to deal with this. I can maintain account security and also not be hassled with OTP codes again, thanks to my YubiKey.This is just a short post about how to set up your YubiKey as an authenticator for RubyGems.org, and how to publish Gems without getting an OTP prompt.
Publishing Gems With Your YubiKey | Tenderlovemaking #ruby #rubydeveloper #rubyonrails #Publishing #YubiKey #Tenderlovemaking #gems https://rubyonrails.ba/link/publishing-gems-with-your-yubikey-tenderlovemaking