search for: ssh2connect

Hey, Judging from the (private) responses I?ve got, there is quite a bit of interest in the U2F feature I proposed a while ago. Therefore, I?ve taken some time to resolve the remaining issues, and I think the resulting patch (attached to this email) is in quite a good state now. I also posted the new version of the patch to https://bugzilla.mindrot.org/show_bug.cgi?id=2319 (which I?ve opened

....org ReportedBy: tj at castaglia.org Created an attachment (id=1767) --> (https://bugzilla.mindrot.org/attachment.cgi?id=1767) Uses access(2) to check readability of identity file before loading When using publickey authentication, the private key is loaded from an IdentityFile using ssh2connect.c's load_identity_file() function. A stat(2) is used to ensure that the file exists, and then the key is loaded. If the file exists, but the process does not have read permissions on that file, then ssh will prompt the user for a passphrase. This is particularly confusing if the private key...

...configure, use autoreconf > > -i to regenerate it, then run ./configure --with-u2f and compile OpenSSH. > > Transferring my notes from the other thread: > > 1) PAM doesn't work (--with-pam, then UsePAM yes and > ChallengeResponseAuthentication yes) > Fix: detect loops in ssh2connect:userauth_u2f in some other way, such > as a dedicated variable in authctxt. (but also see point 5) > > 2) origin doesn't seem to be respected by YubiKeys (if I understand > the spec correctly) > Is AppID a better choice for this reason? > > 3) Include paths (probably bug in...