Reza Tavakoli
2020-Sep-21 16:30 UTC
Fallback mechanism for external security key libraries
Hello, Due to many changes in sk-api.h system, can we add a fallback mechanic to switch to internal implementation if the current library version does not match the installed OpenSSH? It can be controllable via some settings or parameters. I can start working on a patch if you think this is good idea.
Damien Miller
2020-Sep-22 00:13 UTC
Fallback mechanism for external security key libraries
On Mon, 21 Sep 2020, Reza Tavakoli wrote:> Hello, > Due to many changes in sk-api.h system, can we add a fallback mechanic to > switch to internal implementation if the current library version does not > match the installed OpenSSH? It can be controllable via some settings or > parameters. I can start working on a patch if you think this is good idea.I think it would be better to eventually have ssh-sk.c allow support for older API versions, but only once FIDO support is a little less new and has had time to stabilise. -d