Up to [local] / src / usr.bin / ssh / ssh-sk-helper
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.5 / (download) - annotate - [select for diffs], Fri Dec 13 19:09:10 2019 UTC (4 years, 5 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1,
OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8,
OPENBSD_6_7_BASE,
OPENBSD_6_7,
HEAD
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored)
use ssh-sk-helper for all security key signing operations This extracts and refactors the client interface for ssh-sk-helper from ssh-agent and generalises it for use by the other programs. This means that most OpenSSH tools no longer need to link against libfido2 or directly interact with /dev/uhid* requested by, feedback and ok markus@
Revision 1.4 / (download) - annotate - [select for diffs], Thu Nov 14 21:27:31 2019 UTC (4 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.3: +4 -1 lines
Diff to previous 1.3 (colored)
directly support U2F/FIDO2 security keys in OpenSSH by linking against the (previously external) USB HID middleware. The dlopen() capability still exists for alternate middlewares, e.g. for Bluetooth, NFC and test/debugging.
Revision 1.3 / (download) - annotate - [select for diffs], Thu Nov 7 08:38:38 2019 UTC (4 years, 7 months ago) by naddy
Branch: MAIN
Changes since 1.2: +2 -3 lines
Diff to previous 1.2 (colored)
Fill in missing man page bits for U2F security key support: Mention the new key types, the ~/.ssh/id_ecdsa_sk file, ssh's SecurityKeyProvider keyword, the SSH_SK_PROVIDER environment variable, and ssh-keygen's new -w and -x options. Copy the ssh-sk-helper man page from ssh-pkcs11-helper with minimal substitutions. ok djm@
Revision 1.2 / (download) - annotate - [select for diffs], Thu Oct 31 21:23:19 2019 UTC (4 years, 7 months ago) by djm
Branch: MAIN
Changes since 1.1: +2 -2 lines
Diff to previous 1.1 (colored)
Refactor signing - use sshkey_sign for everything, including the new U2F signatures. Don't use sshsk_ecdsa_sign() directly, instead make it reachable via sshkey_sign() like all other signature operations. This means that we need to add a provider argument to sshkey_sign(), so most of this change is mechanically adding that. Suggested by / ok markus@
Revision 1.1 / (download) - annotate - [select for diffs], Thu Oct 31 21:22:01 2019 UTC (4 years, 7 months ago) by djm
Branch: MAIN
ssh-agent support for U2F/FIDO keys feedback & ok markus@