search for: id_ed25519_sk

...ent Assignee: unassigned-bugs at mindrot.org Reporter: bluebird090909 at proton.me When using FIDO2 keys in combination with the option verify-required, using ssh-agent will fail with the error message: sign_and_send_pubkey: signing failed for ED25519-SK "/home/user/.ssh/id_ed25519_sk" from agent: agent refused operation When the ssh-agent is not used or the key has not yet been cached, the login operation works as expected, asking the passphrase for the local identity key, followed by the FIDO2 device PIN, followed by a request to touch the device. running ssh-add -l w...

...openssh code it seems that the flag below is never properly used when reading or restoring a key from hardware tokens: sk-api.h #define SSH_SK_USER_PRESENCE_REQD 0x01 Here is lists of steps to fully reproduce the issue: Step 1. Generate a new ed25519_sk. This new key will be stored in .ssh/id_ed25519_sk. Please note the `no-touch-required` and `resident` parameters on the key generation. $ ssh-keygen -vvvv -t ed25519-sk -O no-touch-required -O resident -O application=ssh:test Step 2. Confirm the generated key has `no-touch-required` option enabled with ssh-keygen. In the output below, please not...

....ssh/id_ecdsa-cert type -1 debug1: identity file /home/ago/.ssh/id_ecdsa_sk type -1 debug1: identity file /home/ago/.ssh/id_ecdsa_sk-cert type -1 debug1: identity file /home/ago/.ssh/id_ed25519 type -1 debug1: identity file /home/ago/.ssh/id_ed25519-cert type -1 debug1: identity file /home/ago/.ssh/id_ed25519_sk type -1 debug1: identity file /home/ago/.ssh/id_ed25519_sk-cert type -1 debug1: identity file /home/ago/.ssh/id_xmss type -1 debug1: identity file /home/ago/.ssh/id_xmss-cert type -1 debug1: identity file /home/ago/.ssh/id_dsa type -1 debug1: identity file /home/ago/.ssh/id_dsa-cert type -1 debug1:...

https://bugzilla.mindrot.org/show_bug.cgi?id=3168 Bug ID: 3168 Summary: libssh.a(utf8.o): undefined reference to symbol 'strcasestr@@GLIBC_2.17' Product: Portable OpenSSH Version: 8.2p1 Hardware: ARM64 OS: Linux Status: NEW Severity: critical Priority: P5

...ity file /export/home/user/.ssh/id_ecdsa_sk type -1 debug1: identity file /export/home/user/.ssh/id_ecdsa_sk-cert type -1 debug1: identity file /export/home/user/.ssh/id_ed25519 type -1 debug1: identity file /export/home/user/.ssh/id_ed25519-cert type -1 debug1: identity file /export/home/user/.ssh/id_ed25519_sk type -1 debug1: identity file /export/home/user/.ssh/id_ed25519_sk-cert type -1 debug1: identity file /export/home/user/.ssh/id_xmss type -1 debug1: identity file /export/home/user/.ssh/id_xmss-cert type -1 debug1: identity file /export/home/user/.ssh/id_dsa type -1 debug1: identity file /export/ho...

...1 debug1: identity file /home/bsradmin/.ssh/id_ecdsa_sk type -1 debug1: identity file /home/bsradmin/.ssh/id_ecdsa_sk-cert type -1 debug1: identity file /home/bsradmin/.ssh/id_ed25519 type -1 debug1: identity file /home/bsradmin/.ssh/id_ed25519-cert type -1 debug1: identity file /home/bsradmin/.ssh/id_ed25519_sk type -1 debug1: identity file /home/bsradmin/.ssh/id_ed25519_sk-cert type -1 debug1: identity file /home/bsradmin/.ssh/id_xmss type -1 debug1: identity file /home/bsradmin/.ssh/id_xmss-cert type -1 debug1: identity file /home/bsradmin/.ssh/id_dsa type -1 debug1: identity file /home/bsradmin/.ssh/id...