[PATCH aurweb] Allow FIDO/U2F SSH security keys
Steven Guikal
void at fluix.one
Thu Jun 10 17:39:11 UTC 2021
These were added in OpenSSH bersion 8.2[1].
Fixes #36
[1]: https://www.openssh.com/txt/release-8.2
---
Just a heads up that I haven't tested this and aren't sure if the keys
are used anywhere else that may be affected (though a grep makes me
think they aren't).
web/lib/acctfuncs.inc.php | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php
index df016c6d..efc08331 100644
--- a/web/lib/acctfuncs.inc.php
+++ b/web/lib/acctfuncs.inc.php
@@ -877,7 +877,8 @@ function valid_pgp_fingerprint($fingerprint) {
function valid_ssh_pubkey($pubkey) {
$valid_prefixes = array(
"ssh-rsa", "ssh-dss", "ecdsa-sha2-nistp256",
- "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521", "ssh-ed25519"
+ "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521", "ssh-ed25519",
+ "sk-ssh-ecdsa at openssh.com", "sk-ssh-ed25519 at openssh.com"
);
$has_valid_prefix = false;
--
2.32.0
More information about the aur-dev
mailing list