Resident keys?
Gabriel Kihlman
gk at b0rk.org
Tue Feb 18 19:46:17 AEDT 2020
Ron Frederick <ronf at timeheart.net> writes:
>
> Here’s what I get back:
[ ... ]
> debug1: ssh_sk_load_resident_keys: trying
> IOService:/AppleACPIPlatformExpert/PCI0 at 0/AppleACPIPCI/XHC1 at 14/XHC1 at 14000000/HS08 at 14300000/USB2.0
> debug1: read_rks: get metadata for
> IOService:/AppleACPIPlatformExpert/PCI0 at 0/AppleACPIPCI/XHC1 at 14/XHC1 at 14000000/HS08 at 14300000/USB2.0
[ ... ]
> failed: FIDO_ERR_PIN_NOT_SET
> debug1: ssh_sk_load_resident_keys: read_rks failed for
[ .. ]
> No keys to download
>
> I tried using “change-pin” in yubico-piv-tool, but that didn’t seem to
> make a difference. I still got the same error after successfully
> changing the PIN.
That PIN is for the PIV application on the yubikey.
Use "ykman fido set-pin" instead using the Yubikey Manager.
/gabriel
More information about the openssh-unix-dev
mailing list