-
Notifications
You must be signed in to change notification settings - Fork 122
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Question] Is it possible to cache FIDO touch verification? #535
Comments
The FIDO2 spec does allow for authentication without UP (user presence), but it would have to be explicitly supported both in the OpenSSH server (to allow it) and in the OpenSSH client (to not request it). |
Yes, this is supported in the OpenSSH client. See the But as Dain said, this also needs to be permitted by the server. If you run the server, see the |
Awesome - appreciate your help! |
Apologies in advance if this is more of an OpenSSH question!
I used this guide to successfully set up Git auth with SSH/FIDO2 - all working with no issues!
However, I need to touch my YubiKey on every auth command. This is fine in most cases, but in the case of running scripts that do multipe git operations it's somewhat tedious. Is is possible to cache this for a short period of time?
The text was updated successfully, but these errors were encountered: