On 17.08.22 12:22, Corinna Vinschen wrote:
So the PIN prompt identifies the key by filename, while the user
presence prompt identifies the key by its fingerprint.
Isn't that a bit puzzeling to the user? Wouldn't it make more sense to
use the same identification string, be it either the filename, or the
fingerprint, but not both?
If my question makes any sense at all, I would prefer the filename.
It's much easier to recognize than a fingerprint.
There actually is a more general context (beyond FIDO and other secure
storage forms of keypairs) to that. Observe:
$ ssh-add .ssh/id_ed25519
Enter passphrase for .ssh/id_ed25519:
Identity added: .ssh/id_ed25519 (Jochen.Bern+ed25519@xxxxxxxxx)
$ ssh-add -l
256 SHA256:hs4PHi7JJYXm+7jRxoHy2PYmBlVQNZw7eRYba3IExss Jochen.Bern+ed25519@xxxxxxxxx (ED25519)
So, file, file+comment, (size+)fingerprint+comment(+type).
Of course, as soon as an SSH agent comes into play, the name of the file
the (priv)key(pair) was originally loaded from is likely forgotten. Or,
if the agent is forwarded, outright meaningless. And we all know that
the comment is trivial to change (the key type wasn't in there when I
*created* the keypairs, I added it when I found that it helps telling
multiple keypairs apart when sshaskpass makes an appearance - stating
comment+fingerprint). Which currently leaves the fingerprint as the
"best to handle"¹ *immutable* ID ...
(¹ Think "sshaskpass and a) entire pubkey in hex or b) ASCII art")
Regards,
--
Jochen Bern
Systemingenieur
Binect GmbH
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
