Confirm user presence via ssh-agent protocol?

Jan Schermer jan at schermer.cz
Fri Dec 5 17:39:29 AEDT 2025



> On 5. 12. 2025, at 2:58, Damien Miller <djm at mindrot.org> wrote:
> 
> On Thu, 4 Dec 2025, Jesse Hathaway via openssh-unix-dev wrote:
> 
>> I have recently switched to using a FIDO backed ssh key which requires a
>> touch for each key operation. I was surprised to discover that no
>> feedback is supplied on the terminal to indicate that a touch is
>> required, instead the connection appears to simply hang. After a bit of
>> research my understanding is that at present there is no mechanism for
>> an ssh-agent to indicate to the ssh client that a touch is
>> required[1] to continue.
>> 
>> I realize there are other ways to notify that a touch is required,
>> including using another agent, or monitoring the FIDO device directly,
>> as yubikey-touch-detector does.
> 
> ssh-agent can signal that a touch (or PIN) is required via $SSH_ASKPASS.

It’s typically the security key that requires confirmation, not the agent. The best one could do is add another confirmation (or a popup that confirms automatically).
Once you start using FIDO regularly, you start noticing it blinking at times like this.
It’s also possible to enroll a FIDO key without requiring confirmation; you could then require confirmation by the agent instead.

In the end, it all depends on what security you want.
Personally, I use macOS and Secretive for my day-to-day SSH operations with a key that just notifies me on usage, but for higher-security or backup purposes I use physical FIDO keys that require both PIN and touch.
You can enroll multiple keys with multiple behaviours into one physical key, though on my Yubikey, once a PIN is set for the FIDO application, it is always required. Not sure if this is device/firmware specific, or maybe I tested it wrong.

> 
>> However, I would really prefer a message
>> in my terminal. Would it be possible to add a new ssh-agent protocol
>> message to indicate that a touch is required?
> 

You can use “ssh-add -c” and set SSH_ASKPASS to just emit a popup message and exit, but not all agents support confirmation. I’d leave it to the blinking of the key.
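One way to do what the reply describes, as an added example that is not part of the thread or of OpenSSH: a small SSH_ASKPASS helper meant to be paired with ssh-add -c, which turns the agent's notices into a terminal message instead of a silent hang. It assumes the agent runs the helper with the prompt text in $1 and SSH_ASKPASS_PROMPT set to "none" for display-only notices or "confirm" for yes/no questions, and that the agent was started with SSH_ASKPASS pointing at the script (those environment names are assumptions made here, not something the thread states).

```shell
#!/bin/sh
# Constructed example, not OpenSSH code: an SSH_ASKPASS helper that turns the
# agent's user-presence notices and "ssh-add -c" confirmations into a terminal
# message and still answers PIN/passphrase prompts. Assumption: ssh-agent runs
# it with the prompt text in $1 and SSH_ASKPASS_PROMPT set to "none" (display
# only, e.g. "Confirm user presence for key ...") or "confirm" (yes/no from
# ssh-add -c); any other value means a secret is requested and must go to stdout.

# Classify a request by SSH_ASKPASS_PROMPT. Prints: notify, confirm or secret.
askpass_mode() {
    case "${1:-}" in
        none)    printf 'notify\n' ;;
        confirm) printf 'confirm\n' ;;
        *)       printf 'secret\n' ;;
    esac
}

# Line shown to the user, prefixed so it stands out in a terminal that
# otherwise looks hung.
format_notice() {
    printf '[ssh-agent] %s\n' "$1"
}

# Show a notice on the controlling tty, else via notify-send if present.
# Never writes to stdout: the agent reads stdout as the secret.
notify_user() {
    if { : > /dev/tty; } 2>/dev/null; then
        format_notice "$1" > /dev/tty
    elif command -v notify-send >/dev/null 2>&1; then
        notify-send "ssh-agent" "$1"
    fi
}

main() {
    case "$(askpass_mode "${SSH_ASKPASS_PROMPT:-}")" in
        notify)  notify_user "$1"; exit 0 ;;
        # Exit 0 grants the ssh-add -c confirmation: this helper informs, it
        # does not gate the key (a FIDO touch is still enforced by the token).
        confirm) notify_user "$1 (confirmed automatically)"; exit 0 ;;
        secret)
            { : < /dev/tty; } 2>/dev/null || exit 1   # no tty: refuse, never guess
            printf '%s ' "$1" > /dev/tty
            stty -echo < /dev/tty; read -r secret < /dev/tty; stty echo < /dev/tty
            printf '\n' > /dev/tty
            printf '%s\n' "$secret" ;;                 # only the secret reaches stdout
    esac
}
# Act as a helper only when given a prompt (ssh-agent always passes one).
if [ $# -gt 0 ]; then main "$@"; fi
```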


