https://bugzilla.mindrot.org/show_bug.cgi?id=3606
Bug ID: 3606
Summary: no-touch-required option refused by server
Product: Portable OpenSSH
Version: 9.4p1
Hardware: All
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: ssh
Assignee: unassigned-b...@mindrot.org
Reporter: bluebird090...@proton.me
Using a security key with the option no-touch-required is always
refused by the server with the following message:
error: public key ED25519-SK SHA256:2Rw..... signature for user from
10.0.2.2 port 35614 rejected: user presence (authenticator touch)
requirement not met
To reproduce:
1. generate key:
ssh-keygen -t ed25519-sk -O resident -O verify-required -O
no-touch-required -O application=ssh:test
2. add key to authorized_keys on target server
3. Connect to server with -o IdentityAgent=none (required as workaround
for bug 3572)
connection is refused (no further information on client side)
4. find the above mentioned error message in the journal log
Both Client and Server are running Arch with OpenSSH 9.4
Used Security Key: Nitrokey 3, Firmware version: v1.5.0
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
