Fido2 sometimes prompts for PIN

Jeremy Hansen jeremy at
Thu Aug 25 16:34:56 AEST 2022

Yubikey BIO.

I’m noticing it consistently prompts me for pin when I use a different fingerprint, so I guess what seemed to be a random prompt for my PIN is just me not touching the key properly. This also explains why it prompts for a touch the section time. I’d like to always prompt for PIN.

I also noticed if I use the wrong fingerprint, as long as my PIN is correct, it allows me to proceed. I guess I expected that a second bad fingerprint after the PIN prompt would kick me out.


> On Wednesday, Aug 24, 2022 at 11:26 PM, pedro martelletto <pedro at (mailto:pedro at> wrote:
> On Thu, Aug 25, 2022, at 7:59 AM, Jeremy Hansen wrote:
> > I’m trying to understand why my fido2 configuration only asks for a PIN
> > sometimes…
> >
> > Is there a way to force it to ask for PIN every time?
> Hi Jeremy,
> Which FIDO2 authenticator are you using?
> -p.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 852 bytes
Desc: not available
URL: <>

More information about the openssh-unix-dev mailing list