https://bugzilla.mindrot.org/show_bug.cgi?id=3607
Bug ID: 3607
Summary: Redundant "Confirm user presence"
Product: Portable OpenSSH
Version: 9.4p1
Hardware: All
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-b...@mindrot.org
Reporter: bluebird090...@proton.me
Connecting with a security key results in the following behavior:
$ ssh tester@testserver
Confirm user presence for key ED25519-SK SHA256:7eZ...
Enter PIN for ED25519-SK key /home/user/.ssh/id_ed25519_sk-test:
(Pin is entered)
Confirm user presence for key ED25519-SK SHA256:7eZ...
(Authenticator touched)
To clarify:
After initiating the connection, I get the following two lines
immediately:
Confirm user presence for key ED25519-SK SHA256:7eZ...
Enter PIN for ED25519-SK key /home/user/.ssh/id_ed25519_sk-test:
I then enter the PIN and get the next line:
Confirm user presence for key ED25519-SK SHA256:7eZ...
Then I touch the device (once) and am logged in
I never need to touch the device twice to login.
The key was generated with the following:
ssh-keygen -t ed25519-sk -O resident -O verify-required -O
application=ssh:test
Both Client and Server are running Arch with OpenSSH 9.4
Used Security Key: Nitrokey 3, Firmware version: v1.5.0
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
