Ledger
(Ledger Nano S/Ledger Nano X/Ledger Stax) is a hardware security key,
that can be used to securely store SSH keys and authenticate SSH sessions.
The Ledger-agent software is a command-line utility that allows you to use your Ledger to authenticate SSH connections without exposing your private keys to the network or the computer you are connecting from.
Ledger’s SSH agent support covers ECDSA P-256/prime256v1 and Ed25519 SSH keys. (NOTE: that it doesnt cover RSA)
While RSA keys are still widely used, newer key type Ed25519 are generally considered to be more secure and efficient.
To use Ed25519 keys with the Ledger usb key and Ledger-agent software, you can simply use the command
ledger-agent -e ed25519 user@host ledger-agent -e ed25519 -c user@host Benefits of using hardware security keys like the (Ledger Nano X/Ledger Nano S/Ledger Stax) for SSH authentication include increased security and protection against key theft or compromise, as well as convenience and ease of use.
Currently, these keys are very cheap second-hand on eBay. Since they are commonly used to store BTC, many users avoid second-hand USB hardware wallets because of security concerns.
Because of this, it is sometimes possible to find them second-hand for half of their new retail value, especially during times when the BTC price dips.
From a security perspective, your mileage may vary. Using Ledger devices for SSH is not really an industry standard, which also means it has not been a major focus area for most attackers.