[openssh-commits] [openssh] 01/03: upstream: mention that biometrics may be used for FIDO key user

[git+noreply at mindrot.org]

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 785e3c9110df8f2d30e42ce8b45969c49700f35b
Author: djm at openbsd.org <djm at openbsd.org>
AuthorDate: Wed Nov 27 13:00:23 2024 +0000

    upstream: mention that biometrics may be used for FIDO key user
    
    verification as well as PIN. Prompted by Zack Newman, ok jmc@
    
    OpenBSD-Commit-ID: b774a4438c9be70012661ee278450790d21277b8
---
 ssh-keygen.1 | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/ssh-keygen.1 b/ssh-keygen.1
index 06f0555a..00246a86 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-keygen.1,v 1.233 2024/08/17 08:35:04 djm Exp $
+.\"	$OpenBSD: ssh-keygen.1,v 1.234 2024/11/27 13:00:23 djm Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo at cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: August 17 2024 $
+.Dd $Mdocdate: November 27 2024 $
 .Dt SSH-KEYGEN 1
 .Os
 .Sh NAME
@@ -1041,13 +1041,11 @@ format.
 .Pp
 .It Ic verify-required
 Require signatures made using this key indicate that the user was first
-verified.
+verified, e.g. by PIN or on-token biometrics.
 This option only makes sense for the FIDO authenticator algorithms
 .Cm ecdsa-sk
 and
 .Cm ed25519-sk .
-Currently PIN authentication is the only supported verification method,
-but other methods may be supported in the future.
 .El
 .Pp
 At present, no standard options are valid for host keys.

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.