Trezor Model T is a great product. I bought it for hardware-based Bitcoin wallets but it's working well for SSH via trezor-agent (ed25519) and U2F. It has per-identity keys for SSH and requires auth to use U2F or an SSH identity via the touchscreen just like Bitcoin payments.
It generates and stores a high entropy seed as 12/18/24 words from a 2048 length word list. The seed gets written down to allow recovery. It has the option of using a passphrase as an extra non-stored seed word and every passphrase is valid so you can have multiple wallets, etc.
It works deterministically from the generated random seed + passphrase to support full recovery. U2F has the complication of a global counter but their suggestion of setting it to the Unix timestamp for recovery works well. It's a far better design than typical HSM designs.
The only way I've been able to use an HSM in the past is by generating keys on my workstation in a ramdisk, backing up on cold storage, importing them onto the device and then clearing them. The approach supported by Trezor is far better since it doesn't ever trust the computer.
For recovery, a typical HSM design would also end up exposing a key to a computer again in order to import it onto a replacement. For the Trezor Model T, you enter the recovery seed into the new device directly. I was never happy with the approach needed for a YubiKey, etc.
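The seed-plus-passphrase derivation described in the posts above, as an added example that is not part of the original thread. It assumes the device follows the BIP39 scheme (which the thread does not name), where the written-down words and the optional passphrase are stretched with PBKDF2-HMAC-SHA512; the function names and sample inputs are illustrative.

```python
import hashlib
import unicodedata

BITS_PER_WORD = 11  # log2(2048): each word indexes the 2048-entry word list

# Sample input: the public BIP39 test mnemonic (all-zero entropy).
SAMPLE_MNEMONIC = " ".join(["abandon"] * 11 + ["about"])


def entropy_bits(word_count: int) -> int:
    """Random bits behind a 12/18/24-word mnemonic, checksum excluded."""
    if word_count not in (12, 18, 24):
        raise ValueError("expected 12, 18 or 24 words")
    total = word_count * BITS_PER_WORD
    # Assumption (BIP39): entropy/32 checksum bits are appended,
    # so total = entropy * 33 / 32.
    return total * 32 // 33


def _nfkd(text: str) -> bytes:
    return unicodedata.normalize("NFKD", text).encode("utf-8")


def derive_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Deterministic 64-byte wallet seed from the words plus optional passphrase.

    The passphrase only enters as PBKDF2 salt. Nothing is stored to check it
    against, so every passphrase is "valid" and yields its own wallet.
    """
    salt = b"mnemonic" + _nfkd(passphrase)
    return hashlib.pbkdf2_hmac("sha512", _nfkd(mnemonic), salt, 2048, dklen=64)


def wallet_fingerprints(mnemonic: str, passphrases: list[str]) -> dict[str, str]:
    """Short hex fingerprint of the seed each passphrase leads to."""
    return {p: derive_seed(mnemonic, p)[:8].hex() for p in passphrases}


if __name__ == "__main__":
    for n in (12, 18, 24):
        print(f"{n} words -> {entropy_bits(n)} bits of entropy")
    # Constructed passphrases: a one-character difference is a different wallet.
    for p, fp in wallet_fingerprints(
        SAMPLE_MNEMONIC, ["", "hidden wallet", "Hidden wallet"]
    ).items():
        print(f"passphrase {p!r:18} -> seed {fp}...")
```

Because no passphrase is ever rejected, a mistyped one opens an empty but valid wallet rather than producing an error, so recovery needs both the written words and the exact passphrase.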