You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Make sure you are able to repro it on the latest version
Search the existing issues.
Steps to reproduce
When I use any FIDO device no matter if out of the box or already programmed I get an overwrite warning when adding new keys. On a new device you might just click away this warning. But on a "hot" device this leads to a lot of insecurity. Will it overwrite an existing key? It is a bad habit to get used to click away warnings.
So the suggestion is not to throw a warning when ssh-keygen does not overwrite anything.
Expected behavior
PS C:\Users\xyz\.ssh> ssh-keygen -t ed25519-sk -O residentGenerating public/private ed25519-sk key pair.You may need to touch your authenticator to authorize key generation.Enter file in which to save the key (C:\Users\xyz/.ssh/id_ed25519_sk):
Actual behavior
PS C:\Users\xyz\.ssh> ssh-keygen -t ed25519-sk -O residentGenerating public/private ed25519-sk key pair.You may need to touch your authenticator to authorize key generation.A resident key scoped to 'ssh:' with user id 'null' already exists.Overwrite key in token (y/n)?
Error details
No response
Environment data
PS C:\Users\xyz\.ssh>$PSVersionTable
Name Value
---------
PSVersion 7.4.1
PSEdition Core
GitCommitId 7.4.1
OS Microsoft Windows 10.0.19045
Platform Win32NT
PSCompatibleVersions {1.0,2.0,3.0,4.0…}
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
WSManStackVersion 3.0
Version
OpenSSH_for_Windows_9.5p1, LibreSSL 3.8.2
Visuals
No response
The text was updated successfully, but these errors were encountered:
robinschwab
changed the title
unneccessary overwriting warning on blank FIDO credentials
unneccessary overwriting warning on FIDO credentials
Jan 17, 2024
Prerequisites
Steps to reproduce
When I use any FIDO device no matter if out of the box or already programmed I get an overwrite warning when adding new keys. On a new device you might just click away this warning. But on a "hot" device this leads to a lot of insecurity. Will it overwrite an existing key? It is a bad habit to get used to click away warnings.
So the suggestion is not to throw a warning when
ssh-keygen
does not overwrite anything.Expected behavior
Actual behavior
Error details
No response
Environment data
Version
OpenSSH_for_Windows_9.5p1, LibreSSL 3.8.2
Visuals
No response
The text was updated successfully, but these errors were encountered: