Ask HN: I built a Yubikey-based domain controller. Is it sellable? 21 by elevation | 8 comments on Hacker News. I once worked in R&D where our competitive advantage was in keeping our customer relationships and intellectual property private, so we kept everything on-prem. No cloud, no SaaS, no WFH. In my own SMB, I still self-host git, CI, chat, etc. I love the privacy and control, but I also needed to open these services to remote workers without exposing them to the world. So I built an appliance to protect my internal web apps by requiring user/pass+yubikey at multiple layers of the stack: L3 (p2p vpn), L4 (mTLS), and L7 (OIDC). The appliance is self contained (VPN, LDAP, NTP, CA, OIDC), like a classic domain controller, and it keeps servers safe from any users without an authorized hardware key. I'd love to bundle this with an admin panel and sell it, but I forsee problems connecting with the right market: * Clients who have meaningful IT budgets will require inter-opera...