Feature Request: Ability to build verify-only routines without udev being present #297
Comments
That is a fair request. There is prior art in that regard; for reference, libfido2 has been patched not to use udev here: oasislinux@eec0c3a#diff-10af2e83f2ada0a5e41a2b34a1a8b4fc889b4b7c768254c47fe883fd40613e13.
I don't think that's true; OpenSSH only uses libfido2 when it needs to talk to a FIDO device. As such, the only feature you lose by not activating the bits and pieces that use libfido2 in a OpenSSH server is the ability to use a FIDO device to store the host key; the verification of FIDO signatures is unaffected. |
Oh, my bad, I'd completely missed the Well, this is a bit invalid then, but I'll leave the issue open due to your prior art link. |
I would like the ability to build libfido2 without having to build against udev. Put simply, I would like to be able to use the library to verify FIDO signatures and such, but I don't need to be able to talk to any local FIDO hardware tokens.
This would end up being useful for OpenSSH, which has libfido2 as a dependency (if you build it with FIDO security key support). At the moment, OpenSSH with FIDO support is unusable on a machine that does not have udev, even if you only want to use FIDO functionality in the OpenSSH server on that machine.
The text was updated successfully, but these errors were encountered: