Trezor Model T is a great product. I bought it for hardware-based Bitcoin wallets but it's working well for SSH via trezor-agent (ed25519) and U2F. It has per-identity keys for SSH and requires auth to use U2F or an SSH identity via the touchscreen just like Bitcoin payments.
It generates and stores a high entropy seed as 12/18/24 words from a 2048 length word list. The seed gets written down to allow recovery. It has the option of using a passphrase as an extra non-stored seed word and every passphrase is valid so you can have multiple wallets, etc.
Trezor Model T has a touchscreen to enter the passphrase on the device rather than the connected computer which makes it a much better feature. It'd be neat to try using it for signing Android app / OS releases using ECDSA P-256 perhaps via the existing support for GPG and SSH.
It works deterministically from the generated random seed + passphrase to support full recovery. U2F has the complication of a global counter but their suggestion of setting it to the Unix timestamp for recovery works well. It's a far better design than typical HSM designs.
The only way I've been able to use an HSM in the past is by generating keys on my workstation in a ramdisk, backing up on cold storage, importing them onto the device and then clearing them. The approach supported by Trezor is far better since it doesn't ever trust the computer.
For recovery, a typical HSM design would also end up exposing a key to a computer again in order to import it onto a replacement. For the Trezor Model T, you enter the recovery seed into the new device directly. I was never happy with the approach needed for a YubiKey, etc.
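An added example, not part of the thread and not Trezor's code: it assumes the word-list seed and passphrase described above follow BIP39, which the thread does not name. It shows how the word count maps to entropy and why every passphrase deterministically yields a different, equally valid wallet seed. The mnemonic is the public all-zero BIP39 test phrase and the passphrases are constructed.

```python
import hashlib
import unicodedata

BITS_PER_WORD = 11  # log2(2048), the word-list size mentioned in the thread


def mnemonic_bits(word_count):
    """Return (entropy_bits, checksum_bits) for a mnemonic of this length."""
    total = word_count * BITS_PER_WORD
    checksum = total // 33  # BIP39 appends 1 checksum bit per 32 entropy bits
    return total - checksum, checksum


def bip39_seed(mnemonic, passphrase=""):
    """Derive the 64-byte wallet seed from the written-down words.

    Assumed scheme (BIP39): PBKDF2-HMAC-SHA512, 2048 iterations, with the
    mnemonic as the password and "mnemonic" + passphrase as the salt.
    The passphrase is never stored; there is no "wrong passphrase" check,
    so any value produces a valid but different seed.
    """
    words = unicodedata.normalize("NFKD", " ".join(mnemonic.split()))
    salt = "mnemonic" + unicodedata.normalize("NFKD", passphrase)
    return hashlib.pbkdf2_hmac(
        "sha512", words.encode("utf-8"), salt.encode("utf-8"), 2048, dklen=64
    )


# Public BIP39 test phrase (all-zero entropy). Never use it for real keys.
TEST_MNEMONIC = ("abandon " * 11 + "about").strip()


def demo():
    """Return seeds for the same words under three constructed passphrases."""
    return {p: bip39_seed(TEST_MNEMONIC, p) for p in ("", "wallet-a", "wallet-b")}


if __name__ == "__main__":
    for n in (12, 18, 24):
        ent, cs = mnemonic_bits(n)
        print(f"{n} words: {ent} bits entropy + {cs} checksum bits")
    for passphrase, seed in demo().items():
        print(f"passphrase={passphrase!r:12} seed={seed.hex()[:16]}...")
```

Recovery on a replacement device reduces to re-entering the same words and passphrase, since the derivation has no other inputs.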