[Bug 3572] ssh-agent refused operation when using FIDO2 with -O verify-required
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Wed Dec 27 20:56:33 AEDT 2023
https://bugzilla.mindrot.org/show_bug.cgi?id=3572
chn at chn.moe changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |chn at chn.moe
--- Comment #11 from chn at chn.moe ---
(In reply to personal from comment #10)
> Created attachment 3778 [details]
> two terminals running ssh and ssh-agent
>
> I really want to use ssh-agent with my FIDO2 (PIN) protected ssh key
> but it seems that it requires you to use a GUI SSH_ASKPASS. I played
> around with it a bit and figured out that the reason why it needs a
> GUI SSH_ASKPASS is because it executes it inside the ssh-agent's
> process and tty, meaning that it will just fail once it asks for a
> password on the terminal because it is non-interactive.
>
> I wonder if it's possible for ssh to run the SSH_ASKPASS on the
> client's terminal rather than on the agent and pass the output back
> to the agent.
>
> I attached an image of the two terminals to the side, one running
> the agent, and one running `ssh`.
Have you finally made it works? It seems you are using NixOS, would you
mind to share the corresponding configs?
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list