https://bugzilla.mindrot.org/show_bug.cgi?id=3366
--- Comment #5 from Damien Miller <[email protected]> ---

From Pedro, who knows way more about this than me:

> Reverting b969072c would break the "uv handled by token" logic implemented in
> f3c34df8. (I am including links to both commits at the bottom of this
> message).
>
> With f3c34df8, -O verify-required credentials without a corresponding PIN/UV
> gesture and a credential unknown to the token (#3366) are indistinguishable to
> the middleware: an attempt to sign results in ERR_NO_CREDENTIALS and
> SSH_SK_USER_VERIFICATION_REQD is clear.
>
> Reverting both commits would address #3366 but break builtin UV (f3c34df8). A
> best-effort compromise would be to attempt to sign if a) there's only one
> token; b) the token supports builtin UV (so we can't tell whether the credential
> exists on the token without asking the user to complete UV, i.e. supply a PIN or
> perform UV gesture):
>
> - if (skvcnt == 1) {
> + if (skvcnt == 1 && fido_dev_has_uv(skv[0]->dev)) {
>
> b969072c: https://github.com/openssh/openssh-portable/commit/b969072c
> f3c34df8: https://github.com/openssh/openssh-portable/commit/f3c34df8

I've committed a version of this as
https://github.com/openssh/openssh-portable/commit/b560120214 but it will only
improve matters for biometric keys. I don't think this can be avoided in the
general case.
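Review bot: the new condition `if (skvcnt == 1 && fido_dev_has_uv(skv[0]->dev))` narrows the single-token fallback to authenticators that advertise built-in UV, so a PIN-only token (the `fido_dev_has_pin` case) with exactly one device attached still takes the ERR_NO_CREDENTIALS path described above and is not helped by this change; that limitation matches the note that it "will only improve matters for biometric keys", but it deserves a comment next to the condition explaining why UV-capable tokens are special (the credential-unknown and UV-required outcomes are indistinguishable to the middleware, per f3c34df8 and #3366), otherwise the next reader will see the `fido_dev_has_uv` check as an arbitrary restriction. It would also be worth stating explicitly, in that comment or the commit message, that with more than one token attached the behaviour of #3366 is unchanged.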
