[Bug 3188] Problems creating a second ecdsa-sk key for a second Yubikey
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Tue Jun 30 11:59:26 AEST 2020
https://bugzilla.mindrot.org/show_bug.cgi?id=3188
--- Comment #6 from David Walker <David at WalkerStreet.info> ---
(In reply to Damien Miller from comment #5)
> Can you try to talk to the card using a tool like ykman? E.g.
Here it is with the 5 NFC inserted:
> ykman info
Device type: YubiKey 5 NFC
Serial number: 13377198
Firmware version: 5.2.6
Form factor: Keychain (USB-A)
Enabled USB interfaces: OTP+FIDO+CCID
NFC interface is enabled.
Applications USB NFC
OTP Enabled Enabled
FIDO U2F Enabled Enabled
OpenPGP Enabled Enabled
PIV Enabled Enabled
OATH Enabled Enabled
FIDO2 Enabled Enabled
And here's the 5c Nano:
> ykman info
Device type: YubiKey 5C Nano
Serial number: 11541414
Firmware version: 5.2.4
Form factor: Nano (USB-C)
Enabled USB interfaces: OTP+FIDO+CCID
Applications
OTP Enabled
FIDO U2F Enabled
OpenPGP Enabled
PIV Enabled
OATH Enabled
FIDO2 Enabled
Note that *neither* Yubikey works with ssh (and its associated tools)
for a period of time after the ssh-keygen failure, but both continue to
work with browsers (Vivaldi, in particular). Does ssh-sk-helper have
some kind of cache? The fact that things start working after a period
of time is suspicious to me.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list