A few days ago I saw a blog post by GitHub announcing their support for security keys in SSH operations. After a bit of search, I discovered that OpenSSL 8.2, released last year, lets us use our FIDO2 devices (such as Yubikeys) to “unlock” our SSH private keys. This way, we don’t need the cumbersome GPG <-> SSH relation.
I tried it, and it was nice. I don’t know if I’m going to start using it right away because not every place uses OpenSSL 8.2+ yet, but soon, very soon.