[Bug 3188] New: Problems creating a second ecdsa-sk key for a second Yubikey

[bugzilla-daemon at mindrot.org]

https://bugzilla.mindrot.org/show_bug.cgi?id=3188

            Bug ID: 3188
           Summary: Problems creating a second ecdsa-sk key for a second
                    Yubikey
           Product: Portable OpenSSH
           Version: 8.3p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: ssh-keygen
          Assignee: unassigned-bugs at mindrot.org
          Reporter: David at WalkerStreet.info

I've been playing around with ecdsa-sk type keys since 8.3p1 came out
in a recent openSUSE Tumbleweed snapshot. It works fine for me, except
when I try to add a second Yubikey. My first key (a Yubikey 5c Nano)
was set up with "ssh-keygen -t ecdsa-sk" using the default key files
(~/.ssh/id_ecdsa_sk*), but when I try to do the same for a second key
(a Yubikey 5 NFC, using USB), the light doesn't flash on the Yubikey
when I'm prompted to press the Yubikey's button, so pressing the button
has no effect, I'm not prompted for where to store the new key pair,
and no key is created.  I have to use ctrl-C to get out of ssh-keygen.

After this happens, the first key will not work for ssh authentication
for a while (a few hours to a couple of days), even if I reboot the
system. Both keys continue to work with a browser (Vivaldi), though.

Any ideas of how to diagnose what's going on?

-- 
You are receiving this mail because:
You are watching the assignee of the bug.