similar to: Incomplete attestation data for FIDO2 SKs?

This is not valid in ISO C. --- ssh-sk.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ssh-sk.c b/ssh-sk.c index 2b25c42f..3d6ac3d0 100644 --- a/ssh-sk.c +++ b/ssh-sk.c @@ -153,7 +153,7 @@ sshsk_free_enroll_response(struct sk_enroll_response *r) freezero(r->signature, r->signature_len); freezero(r->attestation_cert, r->attestation_cert_len); freezero(r,

Hi, OpenSSH 8.2p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a feature release. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at

I updated to the latest versions of libfido2 and openssh-portable tonight, with an intention to test out the security key functionality and look closely at the changes over the last couple of months to see if I need to change anything in my AsyncSSH implementation to stay in sync. However, it seems that libfido2 no longer provides the ?libsk-libfido2.so? library that it used to. That was something

Hi, As of this morning, OpenSSH now has experimental U2F/FIDO support, with U2F being added as a new key type "sk-ecdsa-sha2-nistp256 at openssh.com" or "ecdsa-sk" for short (the "sk" stands for "security key"). If you're not familiar with U2F, this is an open standard for making inexpensive hardware security tokens. These are easily the cheapest way

Hello, I'm helping the Git for windows team and contributing in git-for-windows repository to help expand the OpenSSH support for fido2 devices on Windows. Currently we are using your internal implementation(sk-usbhic.c) however since Windows 10 version 1903 this requires administrator privileges. I'm trying to create a module for OpenSSH to use webauthn.dll instead of direct calling to

https://bugzilla.mindrot.org/show_bug.cgi?id=3188 Bug ID: 3188 Summary: Problems creating a second ecdsa-sk key for a second Yubikey Product: Portable OpenSSH Version: 8.3p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh-keygen

Hi Damien, On Nov 14, 2019, at 3:26 PM, Damien Miller <djm at mindrot.org> wrote: > On Fri, 1 Nov 2019, Damien Miller wrote: >> As of this morning, OpenSSH now has experimental U2F/FIDO support, with >> U2F being added as a new key type "sk-ecdsa-sha2-nistp256 at openssh.com" >> or "ecdsa-sk" for short (the "sk" stands for "security

On 2019-11-14, Damien Miller <djm at mindrot.org> wrote: > Please give this a try - security key support is a substantial change and > it really needs testing ahead of the next release. Hi Damien, Thanks for working on security key support, this is a really nice feature to have in openssh. My non-FIDO2 security key (YubiKey NEO) doesn't work with the latest changes to openssh

On Fri, 15 Nov 2019, Damien Miller wrote: > On Fri, 1 Nov 2019, Damien Miller wrote: > > > Hi, > > > > As of this morning, OpenSSH now has experimental U2F/FIDO support, with > > U2F being added as a new key type "sk-ecdsa-sha2-nistp256 at openssh.com" > > or "ecdsa-sk" for short (the "sk" stands for "security key").

https://bugzilla.mindrot.org/show_bug.cgi?id=3572 Bug ID: 3572 Summary: ssh-agent refused operation when using FIDO2 with -O verify-required Product: Portable OpenSSH Version: 9.3p1 Hardware: Other OS: Linux Status: NEW Severity: minor Priority: P5 Component:

OpenSSH 8.2 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested

OpenSSH 8.2 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested

OpenSSH 8.2 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested

We have been fortunate to hang onto one of our summer interns for part time work on weekends during the current school year. One of the intern's jobs is to load documents and data which are then processed.? The documents are .txt, .docx, and .pdf files. The data files are raw sensor outputs usually captured using ADCs mostly with eight bit precision.? All files are loaded or moved from one

Hi, OpenSSH 8.4p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a bugfix release. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at

Hi, So I finally have time to test the u2f support but so far I haven't been very successful, Specifically, current HEAD has SSH_SK_VERSION_MAJOR 0x00040000 and I can't seem to find a matching libfido2 version, current HEAD of Yubico/libfido2 is 0x00020000 Is there a more up to date libfido2 or a particular commit of openssh-portable I should be using? thanks Sean

In a few weeks, no SIP call is going to terminate unless they are signed properly, as mandated by law. We are in the business of Stir-Shaken, signing calls, as an FCC-approved provider. A big differentiator between our service and the rest: we are the only ones who don't need to receive the calls in our servers to sign them. We do this over a MySQL call, easily connectable to Asterisk via

Announcement: ------------- The 2-factor authentication was extended with Webauthn/FIDO2. You can manage AD LDS users and groups (LAM Pro). This is a test release. Please report any issues till 2020-03-06. Full changelog: https://www.ldap-account-manager.org/lamcms/changelog Download: https://www.ldap-account-manager.org/lamcms/releases Features: --------- * management of various account

Announcement: ------------- The 2-factor authentication was extended with Webauthn/FIDO2. You can manage AD LDS users and groups (LAM Pro). Full changelog: https://www.ldap-account-manager.org/lamcms/changelog Download: https://www.ldap-account-manager.org/lamcms/releases Features: --------- * management of various account types * Unix * Samba 4/Active Directory * Asterisk * Kopano *

When using openssh with a u2f key, you generate a key via: ssh-keygen -t ecdsa-sk Each time you run it, it gives a different key pair. (Randomly seeming). A differently generated key pair is not valid with the first's public key. All good so far, but you run into a problem if: You generate a keypair (A). You register your public key for (A) on a bunch of ssh servers. You take