Message ID | 20240405171056.3300551-1-danismostlikely@gmail.com |
---|---|
State | New |
Headers | show |
Series | openssh: add fido2 support | expand |
On Fri, 2024-04-05 at 11:10 -0600, Dan McGregor wrote: > From: Dan McGregor <dan.mcgregor@usask.ca> > > OpenSSH supports FIDO security keys in both the client > and server. Add an option to support them in oe. > This change requires a new recipe that I've submitted to > meta-openembedded that has not merged yet. > > Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca> > --- > meta/recipes-connectivity/openssh/openssh_9.6p1.bb | 1 + > 1 file changed, 1 insertion(+) Which branch is this against? Cheers, Richard
On Sat, 6 Apr 2024 at 01:28, Richard Purdie <richard.purdie@linuxfoundation.org> wrote: > > On Fri, 2024-04-05 at 11:10 -0600, Dan McGregor wrote: > > From: Dan McGregor <dan.mcgregor@usask.ca> > > > > OpenSSH supports FIDO security keys in both the client > > and server. Add an option to support them in oe. > > This change requires a new recipe that I've submitted to > > meta-openembedded that has not merged yet. > > > > Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca> > > --- > > meta/recipes-connectivity/openssh/openssh_9.6p1.bb | 1 + > > 1 file changed, 1 insertion(+) > > Which branch is this against? The intent is master/scarthgap. The change mentioned is now in meta-openembedded master. > > Cheers, > > Richard
On Mon, 2024-04-08 at 11:55 -0600, Dan McGregor wrote: > On Sat, 6 Apr 2024 at 01:28, Richard Purdie > <richard.purdie@linuxfoundation.org> wrote: > > > > On Fri, 2024-04-05 at 11:10 -0600, Dan McGregor wrote: > > > From: Dan McGregor <dan.mcgregor@usask.ca> > > > > > > OpenSSH supports FIDO security keys in both the client > > > and server. Add an option to support them in oe. > > > This change requires a new recipe that I've submitted to > > > meta-openembedded that has not merged yet. > > > > > > Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca> > > > --- > > > meta/recipes-connectivity/openssh/openssh_9.6p1.bb | 1 + > > > 1 file changed, 1 insertion(+) > > > > Which branch is this against? > > The intent is master/scarthgap. The change mentioned is now in > meta-openembedded master. Right, but scarthgap/master have: meta/recipes-connectivity/openssh/openssh_9.7p1.bb so this doesn't apply. I then have to wonder what it was tested against. At this point in the release cycle that is a significant worry. Cheers, Richard
diff --git a/meta/recipes-connectivity/openssh/openssh_9.6p1.bb b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb index edd8e8c2d18..d941664b417 100644 --- a/meta/recipes-connectivity/openssh/openssh_9.6p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb @@ -58,6 +58,7 @@ DEPENDS += "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d) # systemd-sshd-socket-mode means installing sshd.socket # and systemd-sshd-service-mode corresponding to sshd.service PACKAGECONFIG ??= "systemd-sshd-socket-mode" +PACKAGECONFIG[fido2] = "--with-security-key-builtin,--disable-security-key,libfido2" PACKAGECONFIG[kerberos] = "--with-kerberos5,--without-kerberos5,krb5" PACKAGECONFIG[ldns] = "--with-ldns,--without-ldns,ldns" PACKAGECONFIG[libedit] = "--with-libedit,--without-libedit,libedit"