!PbtOpdWBSRFbEZRLIf:numtide.com

Nix Community Projects

642 Members
Meta discussions related to https://nix-community.org. (For project specific discussions use github issues or projects own matrix channel). Need help from an admin? Open an issue on https://github.com/nix-community/infra/issues163 Servers

Load older messages

SenderMessageTime
4 Dec 2023
@kranzes:matrix.orgIlan Joselevich (Kranzes)image.png
Download image.png		15:10:05
@kranzes:matrix.orgIlan Joselevich (Kranzes)Ok nvm15:10:06
@kranzes:matrix.orgIlan Joselevich (Kranzes)image.png
Download image.png		15:12:12
@kranzes:matrix.orgIlan Joselevich (Kranzes)durrr15:12:13
@lily:lily.flowersLily Foster
In reply to @kranzes:matrix.org
sent an image.
"fixed" 		15:12:28
@kranzes:matrix.orgIlan Joselevich (Kranzes)"Fixed"15:12:35
@kranzes:matrix.orgIlan Joselevich (Kranzes)lol15:12:48
@lily:lily.flowersLily Fosterso yeah i guess nix-darwin is gonna need support for running our openssh if we really wanted to support -sk keys. but the more i read, the more that sounds non-trivial.....15:13:42
@kranzes:matrix.orgIlan Joselevich (Kranzes)can't find libsk-libfido2.dylib in nixpkgs15:13:58
@lily:lily.flowersLily Fosterdoes it not just need libfido2.dylib or is the libsk-libfido2 some special shared lib that's only needed on macos?15:15:14
@lily:lily.flowersLily Foster our openssh is built with --with-security-key-builtin=yes and i can confirm that it does use libfido2.dylib 15:15:37
@lily:lily.flowersLily Fosteror at least references it15:15:41
@kranzes:matrix.orgIlan Joselevich (Kranzes)image.png
Download image.png		15:16:28
@lily:lily.flowersLily Foster ssh-sk-helper in the darwin openssh package from nixpkgs has /nix/store/16ccmy0kylpjgnplh0rkyx4az3gzy5rj-openssl-3.0.12/lib/libcrypto.3.dylib as LC_LOAD_DYLIB on the mach-o 15:16:55
@kranzes:matrix.orgIlan Joselevich (Kranzes) i tried using nix-locate 15:17:25
@lily:lily.flowersLily Foster * ssh-sk-helper in the darwin openssh package from nixpkgs has /nix/store/czcpqds7n8211xjbb1v6sdh8qizpmq6g-libfido2-1.13.0/lib/libfido2.1.dylib as LC_LOAD_DYLIB on the mach-o 15:17:27
@kranzes:matrix.orgIlan Joselevich (Kranzes)couldn't find libsk-libfido215:17:31
@lily:lily.flowersLily Fosterbut what even is that. our openssh on linux doesn't have that either, so is it something darwin specific??15:17:54
@kranzes:matrix.orgIlan Joselevich (Kranzes)https://github.com/Yubico/libfido2/pull/6515:18:14
@lily:lily.flowersLily Fostereither way, our openssh is built with the flag that is supposed to enable that support and the helper is successfully built. so i really don't see why it wouldn't work with it15:18:18
@kranzes:matrix.orgIlan Joselevich (Kranzes)idk what to do anymore 😭15:19:26
@kranzes:matrix.orgIlan Joselevich (Kranzes)so many different issues saying different things15:19:37
@lily:lily.flowersLily Fosterthat was removed in https://github.com/Yubico/libfido2/commit/2ba6c6afe5f2d1717bf366da043ccb515fbed8de15:19:48
@lily:lily.flowersLily Fosterso ssh-sk-helper is the equivalent to that lib now15:20:08
@lily:lily.flowersLily Fosterand is what we build15:20:10
@lily:lily.flowersLily Fosterwe just don't have a way currently to use nixpkgs openssh's sshd instead of macOS's15:20:28
@kranzes:matrix.orgIlan Joselevich (Kranzes)can we just use SK_PROVIDER thing for now?15:21:41
@kranzes:matrix.orgIlan Joselevich (Kranzes)to test it out15:21:43
@lily:lily.flowersLily Fosterwhat, with apple's openssh?15:21:54
@kranzes:matrix.orgIlan Joselevich (Kranzes)yeah15:22:07

Show newer messages

Back to Room ListRoom Version: 6