[Bug 3572] ssh-agent refused operation when using FIDO2 with -O verify-required
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Sun Dec 24 00:45:44 AEDT 2023
https://bugzilla.mindrot.org/show_bug.cgi?id=3572
personal at ilanjoselevich.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |personal at ilanjoselevich.com
--- Comment #10 from personal at ilanjoselevich.com ---
Created attachment 3778
--> https://bugzilla.mindrot.org/attachment.cgi?id=3778&action=edit
two terminals running ssh and ssh-agent
I really want to use ssh-agent with my FIDO2 (PIN) protected ssh key
but it seems that it requires you to use a GUI SSH_ASKPASS. I played
around with it a bit and figured out that the reason why it needs a GUI
SSH_ASKPASS is because it executes it inside the ssh-agent's process
and tty, meaning that it will just fail once it asks for a password on
the terminal because it is non-interactive.
I wonder if it's possible for ssh to run the SSH_ASKPASS on the
client's terminal rather than on the agent and pass the output back to
the agent.
I attached an image of the two terminals to the side, one running the
agent, and one running `ssh`.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list