[Bug 3355] no-touch-required flag not restored from hardware token
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Wed Dec 8 15:44:40 AEDT 2021
https://bugzilla.mindrot.org/show_bug.cgi?id=3355
--- Comment #3 from Damien Miller <djm at mindrot.org> ---
(In reply to snegrea from comment #2)
> Thanks for the insight about the FIDO standard. Could you please
> give me a pointer about where to find documentation regarding the
> standard? I did not have much luck searching.
They are at https://fidoalliance.org/specifications/download/ but
aren't especially easy to read unfortunately.
> Is there a way to set no-touch-required flag after the key is
> downloaded from the hardware? The main issue is that while the key
> is/was properly configured in the hardware token there is no way to
> correctly set this flag on the local disk files in the event of a
> restore operation. ssh relies local disk files to pick up this flag
> so if there is another way to correctly set this flag, then this
> becomes a user configuration issue.
Not at present. I'll think about how we could add this...
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list