On Fri, 1 Nov 2019 19:36:16 +1100 (AEDT) Damien Miller <djm@xxxxxxxxxxx> wrote: > Theft or disclosure of the on-disk id_ecdsa_sk private > key alone should yield attackers the ability to authenticate using a > U2F token Just to clarify: I assume that should read "should *not* yield"? (Great stuff, by the way.) Christian _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev