Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. OpenSSH>
  3. Dev
Fallback mechanism for external security key libraries
rta.0070 at gmail
Sep 21, 2020, 9:30 AM
Post #1 of 2 (119 views)
Permalink
Hello,
Due to many changes in sk-api.h system, can we add a fallback mechanic to
switch to internal implementation if the current library version does not
match the installed OpenSSH? It can be controllable via some settings or
parameters. I can start working on a patch if you think this is good idea.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
Re: Fallback mechanism for external security key libraries [ In reply to ]
djm at mindrot
Sep 21, 2020, 5:13 PM
Post #2 of 2 (119 views)
Permalink
On Mon, 21 Sep 2020, Reza Tavakoli wrote:

> Hello,
> Due to many changes in sk-api.h system, can we add a fallback mechanic to
> switch to internal implementation if the current library version does not
> match the installed OpenSSH? It can be controllable via some settings or
> parameters. I can start working on a patch if you think this is good idea.

I think it would be better to eventually have ssh-sk.c allow support for
older API versions, but only once FIDO support is a little less new and
has had time to stabilise.

-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal