upstream: clarify role of FIDO tokens in multi-factor

authentication; mostly from Pedro Martelletto

OpenBSD-Commit-ID: fbe05685a1f99c74b1baca7130c5a03c2df7c0ac
djm@openbsd.org 2020-05-11 02:11:29 +00:00 committed by Damien Miller
parent ecb2c02d99
commit 5a442cec92


@ -39,6 +39,13 @@ the key handle be supplied for each signature operation. U2F tokens
primarily use ECDSA signatures in the NIST-P256 field, though the FIDO2 primarily use ECDSA signatures in the NIST-P256 field, though the FIDO2
standard specifies additional key types, including one based on Ed25519. standard specifies additional key types, including one based on Ed25519.
Use of U2F security keys does not automatically imply multi-factor
authentication. From sshds perspective, a security key constitutes a
single factor of authentication, even if protected by a PIN or biometric
authentication. To enable multi-factor authentication in ssh, please
refer to the AuthenticationMethods option in sshd_config(5).
SSH U2F Key formats SSH U2F Key formats
------------------- -------------------
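
Review bot: "From sshds perspective" in the added paragraph is missing the possessive apostrophe and should read "sshd's perspective". The closing sentence says "To enable multi-factor authentication in ssh" but points at a server-side option in sshd_config(5), so "in sshd" would be more precise. The paragraph also opens with "U2F security keys" while the context line just above it mentions FIDO2 key types; saying "FIDO/U2F" would make clear the statement covers both. Since the paragraph exists to correct the assumption that a PIN or biometric makes the key two factors, consider adding one example AuthenticationMethods value that pairs publickey with a second method, so readers do not have to infer the syntax from the other man page.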