Nitrokey for larger server infrastructure

I have a question regarding the read operations of the key stored on a Nitrokey.

I would like to implement 2FA for SSH access to our servers in our infrastructure and have considered Nitrokey for this purpose. We operate several servers and virtual machines (approximately 200 machines) and manage them using Ansible.

An Ansible task consists of multiple SSH accesses to transfer data and execute the scripts. With a larger number of servers, the number of read accesses to the key increases significantly.

A few years ago, I tested a Nitrokey for this infrastructure, but it did not last long. After a maximum of six months, the Nitrokey was destroyed, likely due to the high number of read accesses.

Therefore, my questions are:

  • How many read operations can a current Nitrokey (e.g. the Nitrokey Start) withstand?
  • Are there any additional experiences with the use of Nitrokeys in larger infrastructures?
  • Is a Nitrokey the right choice for a larger infrastructure?

Can you elaborate on what your test was doing? Only signing should create some wear due to writes, but just using it for logging in via ssh using the gpg key should use the MCU. Was it operated in the datacenter attached to a machine and operated with a higher ambient temperature?

For high velocity of authentications, this is the realm of HSMs where also rackmount options exist. But might be overkill.

I used the Nitrokey locally on my laptop, where my SSH key for the servers was stored. On the laptop, I executed Ansible, including roles and tasks. This resulted in a large number of SSH connections being established to the servers.
After about six months, I could no longer access the SSH key from the Nitrokey.
I don’t know why the Nitrokey stopped working; my suspicion was that the key was accessed too frequently.
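Both posts attribute the problem to the sheer number of SSH connections an Ansible run opens, each of which makes the token perform a key operation. One way to reduce that count, as an added example that is not from this thread, is OpenSSH connection multiplexing plus Ansible pipelining: every task against a host then reuses one authenticated master connection, so the token authenticates once per host per ControlPersist window instead of once per task. This assumes Ansible's default ssh connection plugin and an OpenSSH client on the control machine.

```ini
# ansible.cfg on the control machine (added example, not from this thread).
# Ansible already defaults to ControlMaster=auto and ControlPersist=60s;
# this makes the setting explicit and keeps the master alive for a whole play.
[defaults]
# Send the module over the existing SSH session instead of a separate
# file transfer followed by an exec, so each task costs one connection
# at most. Requires 'requiretty' to be disabled in sudoers on the hosts.
pipelining = True

[ssh_connection]
# Keep the authenticated master connection open for 10 minutes; all
# tasks against the same host within that window reuse it, and the
# token is asked for one authentication per host, not one per task.
ssh_args = -o ControlMaster=auto -o ControlPersist=600s
```

`ssh -O check <host>` on the control machine reports whether a master connection for that host is still alive, which is a quick way to confirm the reuse is actually happening during a play.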