diff options
| author | Damien Miller <djm@cvs.openbsd.org> | 2019-12-15 18:57:31 +0000 |
|---|---|---|
| committer | Damien Miller <djm@cvs.openbsd.org> | 2019-12-15 18:57:31 +0000 |
| commit | 1a25b7ff9e9f165c34803a8a9237417e96fcdb05 (patch) | |
| tree | 6eb3e3e2bc01cc9537c1b66f4b88c31af03db3d0 /usr.bin/ssh/monitor.c | |
| parent | 7386aa33e5011a92af174a6154f235980075deb9 (diff) | |
allow security keys to act as host keys as well as user keys.
Previously we didn't do this because we didn't want to expose
the attack surface presented by USB and FIDO protocol handling,
but now that this is insulated behind ssh-sk-helper there is
less risk.
ok markus@
Diffstat (limited to 'usr.bin/ssh/monitor.c')
| -rw-r--r-- | usr.bin/ssh/monitor.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/usr.bin/ssh/monitor.c b/usr.bin/ssh/monitor.c index 0ffc063f71e..91715274e4d 100644 --- a/usr.bin/ssh/monitor.c +++ b/usr.bin/ssh/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.205 2019/11/25 10:23:36 djm Exp $ */ +/* $OpenBSD: monitor.c,v 1.206 2019/12/15 18:57:30 djm Exp $ */ /* * Copyright 2002 Niels Provos <provos@citi.umich.edu> * Copyright 2002 Markus Friedl <markus@openbsd.org> @@ -613,7 +613,7 @@ mm_answer_sign(struct ssh *ssh, int sock, struct sshbuf *m) if ((key = get_hostkey_by_index(keyid)) != NULL) { if ((r = sshkey_sign(key, &signature, &siglen, p, datlen, alg, - NULL, compat)) != 0) + options.sk_provider, compat)) != 0) fatal("%s: sshkey_sign failed: %s", __func__, ssh_err(r)); } else if ((key = get_hostkey_public_by_index(keyid, ssh)) != NULL && |