Fido2 sometimes prompts for PIN
Jeremy Hansen
jeremy at skidrow.la
Thu Aug 25 16:34:56 AEST 2022
Yubikey BIO.
I’m noticing it consistently prompts me for pin when I use a different fingerprint, so I guess what seemed to be a random prompt for my PIN is just me not touching the key properly. This also explains why it prompts for a touch the section time. I’d like to always prompt for PIN.
I also noticed if I use the wrong fingerprint, as long as my PIN is correct, it allows me to proceed. I guess I expected that a second bad fingerprint after the PIN prompt would kick me out.
Thanks
> On Wednesday, Aug 24, 2022 at 11:26 PM, pedro martelletto <pedro at ambientworks.net (mailto:pedro at ambientworks.net)> wrote:
> On Thu, Aug 25, 2022, at 7:59 AM, Jeremy Hansen wrote:
> > I’m trying to understand why my fido2 configuration only asks for a PIN
> > sometimes…
> >
> > Is there a way to force it to ask for PIN every time?
>
> Hi Jeremy,
>
> Which FIDO2 authenticator are you using?
>
> -p.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 852 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20220824/e82bf8e0/attachment.asc>
More information about the openssh-unix-dev
mailing list