similar to: Test fixture syntax

Hi the list, I guess I find an other bug (the first one is at the end off this mail) in package.skeleton. It occurs when we give as code_file some file that are not in the current directories. If we give a single file to code_file (like code_file=3D"riri/fifi.R"), it does not reconize fifi.R as a regular name and change it to riri/zfifi.R If we give several file to code_file (like

On Mon, 6 Jan 2025, Pavol Rusnak via openssh-unix-dev wrote: > Hello list! > > Recently, there was a request to implement CTAP 2.1 resident credential > management to Trezor, a hardware wallet which already supports FIDO2 > authentication (full CTAP 2.0). > > My colleague Andrew[1] raised some points on GitHub and I'd like to check > with you what are we missing or

Stuart Henderson wrote: >> This is why I push for challenge/response tokens, not simply >> cert authentication, and really wish that FIDO (such as yubikey) >> was an option, but the discussions I've seen about suporting >> that have not been encouraging. > > hmm? That works pretty well in OpenSSH. hmm, what I'm finding doesn't seem to use the FIDO

Hello list! Recently, there was a request to implement CTAP 2.1 resident credential management to Trezor, a hardware wallet which already supports FIDO2 authentication (full CTAP 2.0). My colleague Andrew[1] raised some points on GitHub and I'd like to check with you what are we missing or whether Andrew is right. Thank you for your help and understanding! Quoting from [1]: It really

Pavol Rusnak via openssh-unix-dev: > Quoting from [1]: > > It really makes no sense to me why credential management is needed by > OpenSSH in the first place. In fact it doesn't even make sense to me why > resident credentials are needed by OpenSSH. Firstly, the private key file > `id_ed25519_sk` contains primarily the FIDO credential, which is nothing > secret and

Hi, OpenSSH 8.4p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a bugfix release. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at

On Mon, Jul 13, 2020 at 01:34:37PM +1000, Damien Miller wrote: > On Fri, 10 Jul 2020, Frank Sharkey wrote: > > > I set up the YubiKey with OpenSSH 8.2 (Ubuntu client and server) and it > > works. However, it does not do PIN enforcement at SSH login. It only > > requests the PIN during the set-up process (when the key is being > > generated). Is that the way it's

Hi, OpenSSH 8.2p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is a feature release. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available via git using the instructions at

On Feb 17, 2020, at 9:45 PM, Damien Miller <djm at mindrot.org> wrote: > On Mon, 17 Feb 2020, Ron Frederick wrote: >> I?m trying out the ?resident key? functionality in OpenSSH 8.2, and >> I?m having trouble getting it to find keys that I?ve created. >> >> I?m trying to create a new resident key using: >> >> ssh-keygen -O resident -t ed25519-sk -f

Hi David, > hmm, what I'm finding doesn't seem to use the FIDO challenge/response to the > server, instead it looks like a public/private key that's unlocked with a touch, > possibly storing the private key on the hardware dongle (but it seems like > there's still a key you need to put on the client system) > > Quoting from the yubikey website: > OpenSSH

Hi, Based on my understanding of the FIDO protocol, user verification is independently requested during key creation and verification via server (i.e.relying party in FIDO/WebAuthN terminology) side flags, i.e. "user verification required" is not a per-key/credential, but rather a per-operation property. However, the `ssk-keygen` manpage states that: > verify-required >

Lukas Ribisch: > Based on my understanding of the FIDO protocol, user verification is > independently requested during key creation and verification via > server (i.e.relying party in FIDO/WebAuthN terminology) side flags, > i.e. "user verification required" is not a per-key/credential, but > rather a per-operation property. CTAP 2.1 has a Credential Protection feature

On 2024/10/21 12:02, David Lang via openssh-unix-dev wrote: > A cert is a single factor, so is a password. Cert authentication > is only two factor if you trust that the password is not stored > along with the cert (which is on the untrusted client) You can tell sshd to require *both* password and public key. > This is why I push for challenge/response tokens, not simply > cert

On Fri, 15 Nov 2019, Damien Miller wrote: > On Fri, 1 Nov 2019, Damien Miller wrote: > > > Hi, > > > > As of this morning, OpenSSH now has experimental U2F/FIDO support, with > > U2F being added as a new key type "sk-ecdsa-sha2-nistp256 at openssh.com" > > or "ecdsa-sk" for short (the "sk" stands for "security key").

Hi, guys I am Wenjin from Graduate School of Chinese Academy of Science, pursing a master degree and my current research interests including using Data mining and Information retrieve technology to analysis software engineering (SE) data and support SE. I have great interested in "Weight Schemes" project. and in the last few days I have learnt some detail about DFR model family by

Hello, I'm helping the Git for windows team and contributing in git-for-windows repository to help expand the OpenSSH support for fido2 devices on Windows. Currently we are using your internal implementation(sk-usbhic.c) however since Windows 10 version 1903 this requires administrator privileges. I'm trying to create a module for OpenSSH to use webauthn.dll instead of direct calling to

On Fri, 3 Jan 2020, Christian Weisgerber wrote: > David Lang: > >> not supporting authentication from multiple machines seems to defeat the >> purpose of adding u2f support. > > It works just like other SSH key types. You have a private SSH key > and a public one, and you can copy the private key to multiple > machines or load it into ssh-agent and use agent

I tested building the openSUSE Tumbleweed package locally with the 20250403 snapshot and doing a live test and it works fine. I then also did try "make tests" on the vanilla snapshot sources and at first they failed to even build but after a quick fix that I've submitted at https://bugzilla.mindrot.org/show_bug.cgi?id=3806 the tests run fine too. Thanks! El mi?, 2 abr 2025 a las

I believe it was expected that Samba would allow domain joins by people in the "admin group=" parameter -- I seem to remember reading that somewhere... I also seem to remember (and have discovered) that, no, it is in fact "root", or UID 0 only, who can accomplish this task. My question is, what are the ways around this? There are people in my organization who will be joining

Hi guys, I''m having a little trouble understanding the differences and knowing when to use "def foo" and "def self.foo" in my models. I don''t quite understand them and was hoping someone could explain or give me examples on how to use the "self." properly. For example, I had "def foo" in my model "Account" and in one of