I was looking at the Nitrokey offerings for USB-C with respect to Librem 5 usage. No offerings appear to be targeted at single USB port charging devices like the Librem 5.
It would seem that a security conscious solution could provide a USB charger port at the other end of the key that only had the power lines connected.
Is this possible?
Why not use a hub in situations you provide power to the phone?
If you use a dock you could also connect ethernet, monitor, input devices and whatever more if you like.
Donât really want to carry a hub everywhere I might just want to charge and use the phone at the same time. The Librem Key usage scenario is that it has to be plugged in to use the computer, right?
The LibremKey does a few things and for neither it needs to be plugged in all the time while using a computer:
pass)For all these use cases (and maybe even more I do not know) you can plug the stick in, use it, plug it out - keep using your computer.
Some people made some configuration to lock there screen when the key is unplugged, but that is not a standard usage and not configured by default.
Youâll like not find a âpower injectorâ for usb-c thatâll satisfy your needs - the power delivery (PD) protocol doesnât work in favour of such an idea. The most simple power injector supporting PD youâll find is the smallest usb-c hub with a power connector.
If this did change over the last year (I searched for a simple power injector, too) then please donât forget to post it or even better put it on the list of tested accessories.
Alternatively, get an openpgp smart card and insert it inside the L5 (under the battery).
I guess this is the scenario Iâm thinking of: âWith a Librem Key linked to your encrypted drive, you can boot your system, insert your key, and enter your PIN when prompted. You can always fall back to your passphrase if your Librem Key isnât at hand.
Just remove your Librem Key and your desktop will lock automatically, protecting your system from snooping while you are gone.â
I donât get the âpower injectorâ comments. My scenario has the Librem Key plugged into the Librem 5, and a USB power supply plugged into the other end of the Librem Key. Unplug the power supply, the phone stops charging, but the Librem Key still works. Plug in the power supply the phone starts charging. Maybe Iâm underestimating the complexity of USB PD.
This doesnât have the easy unlock-lock scenario that I would look for with the Librem Key.
You mean with a hypothetical future hardware device, as similar as possible to the Librem Key, that doesnât currently exist? Sure. However âŚ
I believe that this is not possible i.e. the data lines are used in the negotiation that happens in order to implement USB-C PD. However with back-to-back power negotiations, you can get the effect of âonly the power lines connectedâ - so even if you connect to an untrusted USB-C power source, you are not exposing data lines all the way through from the Librem 5 to the power source.
(If the Librem Key is your primary source of trust on the Librem 5 then it probably isnât ideal to expose the Librem Key directly to an untrusted power source.)
Of course a completely different (future hardware) approach is a second USB-C port on the Librem 5 - so you can charge the Librem 5 using the existing USB-C port even when a USB client device is connected to the hypothetical second, say, data-only USB-C port. (My assumption would be that the hypothetical second USB-C port would not be on the bottom of the phone.)