From 2e71263b80fec7ad977e098004fef7d122169d40 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 25 Nov 2019 00:54:23 +0000 Subject: upstream: add a "no-touch-required" option for authorized_keys and a similar extension for certificates. This option disables the default requirement that security key signatures attest that the user touched their key to authorize them. feedback deraadt, ok markus OpenBSD-Commit-ID: f1fb56151ba68d55d554d0f6d3d4dba0cf1a452e --- auth-options.h | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'auth-options.h') diff --git a/auth-options.h b/auth-options.h index 14cbfa49..d96ffede 100644 --- a/auth-options.h +++ b/auth-options.h @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-options.h,v 1.28 2019/07/09 04:15:00 djm Exp $ */ +/* $OpenBSD: auth-options.h,v 1.29 2019/11/25 00:54:23 djm Exp $ */ /* * Copyright (c) 2018 Damien Miller @@ -68,6 +68,9 @@ struct sshauthopt { */ char *required_from_host_cert; char *required_from_host_keys; + + /* Key requires user presence asserted */ + int no_require_user_presence; }; struct sshauthopt *sshauthopt_new(void); -- cgit v1.2.1