[Bug 3564] New: When downloading sk keys from a fido token, applications with multiple keys overwrite each other
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Thu Apr 20 22:02:52 AEST 2023
https://bugzilla.mindrot.org/show_bug.cgi?id=3564
Bug ID: 3564
Summary: When downloading sk keys from a fido token,
applications with multiple keys overwrite each other
Product: Portable OpenSSH
Version: 8.5p1
Hardware: Other
OS: Windows 10
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh-keygen
Assignee: unassigned-bugs at mindrot.org
Reporter: m.schmidt at emtec.com
Static function do_download_sk(const char *skprovider, const char
*device) in ssh-keygen has a loop that goes over the returned keys for
the given sk-application.
However, if an application has more than one keys, the name of the
output file will be the same for all keys (e.g.
id_ecdsa_sk_rk_mydomain), prompting the user to overwrite the first key
with the 2nd, etc.
I believe it would be useful (or more correct) to give subsequent keys
a numbering scheme, e.g. id_ecdsa_sk_rk_mydomain,
id_ecdsa_sk_rk_mydomain2, id_ecdsa_sk_rk_mydomain3, etc.
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list