version 1.198, 2020/02/02 07:36:50 |
version 1.199, 2020/02/03 08:15:37 |
|
|
Override the default FIDO application/origin string of |
Override the default FIDO application/origin string of |
.Dq ssh: . |
.Dq ssh: . |
This may be useful when generating host or domain-specific resident keys. |
This may be useful when generating host or domain-specific resident keys. |
.It Cm challenge=path |
.It Cm challenge Ns = Ns Ar path |
Specifies a path to a challenge string that will be passed to the |
Specifies a path to a challenge string that will be passed to the |
FIDO token during key generation. |
FIDO token during key generation. |
The challenge string is optional, but may be used as part of an out-of-band |
The challenge string may be used as part of an out-of-band |
protocol for key enrollment. |
protocol for key enrollment |
If no |
(a random challenge is used by default). |
.Cm challenge |
|
is specified, a random challenge is used. |
|
.It Cm device |
.It Cm device |
Explicitly specify a |
Explicitly specify a |
.Xr fido 4 |
.Xr fido 4 |
|
|
overriding the empty default username. |
overriding the empty default username. |
Specifying a username may be useful when generating multiple resident keys |
Specifying a username may be useful when generating multiple resident keys |
for the same application name. |
for the same application name. |
.It Cm write-attestation=path |
.It Cm write-attestation Ns = Ns Ar path |
May be used at key generation time to record the attestation certificate |
May be used at key generation time to record the attestation certificate |
returned from FIDO tokens during key generation. |
returned from FIDO tokens during key generation. |
By default this information is discarded. |
By default this information is discarded. |