I've been playing this since 8.3p1 came out in a Tumbleweed snapshot, and it works fine, except when I try to add a second Yubikey. My first key (a Yubikey 5c Nano) was set up with "ssh-keygen -t ecdsa-sk" using the default key files (~/.ssh/id_ecdsa_sk*), but when I try to do the same for a second key (a Yubikey 5 NFC, using USB), the light doesn't flash on the Yubikey when I'm prompted to press the Yubikey's button, so I'm not prompted for where to store the new key pair. If I press its button, ssh-keygen complains about a bad format, and gnome-terminal echos what looks like an OTP string from the Yubikey. After this happens, the first key will not work for ssh authentication for a while (a few hours to a couple of days), even if I reboot the system. Both keys continue t work with a browser (Vivaldi), though. Any ideas of how to diagnose what's going on? Should I submit a bug report? Is this better reported to the openssh project? David On 6/6/20 10:21 PM, David Walker wrote:
Thanks, Hans Petter. I'll wait for it to show up and then report back if I find anything amiss.
David
On 6/6/20 5:42 PM, Hans Petter Jansson wrote:
On Fri, 2020-06-05 at 13:58 -0700, David Walker wrote:
As it happens, I got a new Yubikey yesterday, so I tried the 1-Click install for openssh 8.3p1 and got:
An error occurred while initializing the software repository. Details: https-download.opensuse.org-7f613772: [https- download.opensuse.org-7f613772| https://download.opensuse.org/repositories/home:/hpjansson:/openssh-8.3/open... ] Valid metadata not found at specified URL History: - [https-download.opensuse.org-7f613772| https://download.opensuse.org/repositories/home:/hpjansson:/openssh-8.3/open... ] Repository type can't be determined.
Is there a prescribed way to install this? The repo wasn't set to publish RPMs. I've turned it on now, so if you try again it should work. If it doesn't, it might be simpler to just wait for the packages to land in Factory. That should be happening very soon.