peter hessler @openbsd
Follow

Thanks to msfriedl, now supports keys stored in PKCS#11 tokens such as Yubikey 4. This is available in CVS/git HEAD now and will be in the OpenSSH 8.0 release.

(H/T djm@)

lists.mindrot.org/pipermail/op

· · Web · 3 · 12 · 19
Combat Unicorn

@phessler My lackey will be happy. He's been using GPG to simulate ssh-agent in order to use his Yubikey. Sounded super-horrible to me (because GPG).

1
peter hessler @openbsd

@kurtm it'll be good only if his OS of choice updates their software this decade.

1
Combat Unicorn

@phessler I have it on pretty good authority that his OS of choice will do so. Although... let me check.

Hey @phessler! OpenBSD going to update their OpenSSH to the new version soon?

:flan_XD:

1
peter hessler @openbsd

@kurtm probably ships in tomorrow's snapshot. worst case, check back on May 1.

1
Combat Unicorn

Thanks @phessler !

Well, there you go @phessler. @phessler says the code should be in tomorrow's snapshot.

0
Edd Barrett

@phessler Does this mean we can ditch gpg-agent for ssh auth via yubikey?

1
peter hessler @openbsd

@ebarrett yes. I watched djm@ demo it in the hackroom

0
irl
@phessler Will this cause GnuPG and OpenSSH to fight over the YubiKey instead of fighting over the socket?
1
peter hessler @openbsd

@irl I guess? I don't install gnupg.

1
irl
@phessler Ok. Thanks.
0
Sign in to participate in the conversation
BSD Network

bsd.network is a *BSD-adjacent Mastodon Instance. We have a code of conduct.

Resources

Developers

What is Mastodon?

bsd.network

More…

v3.5.19+iceage · Privacy policy