Hi, thanks for including the new FIDO2 security key functionality in the openssh-8.2 ebuild, unfortunately openssh-8.2p1+x509-12.4.diff.gz patches it right out again. From the build log: configure: WARNING: unrecognized options: --with-security-key-builtin From openssh-8.2p1+x509-12.4.diff: --with-pie Build Position Independent Executables if possible - --with-security-key-builtin include builtin U2F/FIDO support --with-ssl-dir=PATH Specify path to OpenSSL installation (etc pp) Not sure what's going on there, some collision between that patch and FIDO2 support, or an oversight of which version of ./configure the patch was created against. So for now X509 and security-key flags should probably be mutually exclusive. Reproducible: Always
*** Bug 709820 has been marked as a duplicate of this bug. ***
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a225fe10e4c21edd8915543c2a4318b00d2144c6 commit a225fe10e4c21edd8915543c2a4318b00d2144c6 Author: Patrick McLean <chutzpah@gentoo.org> AuthorDate: 2020-02-16 18:29:52 +0000 Commit: Patrick McLean <chutzpah@gentoo.org> CommitDate: 2020-02-16 18:30:41 +0000 net-misc/openssh-8.1_p1-r2: Disable X509 and security-key (bug #709808) This also makes the warning about restarting sshd actually show when it is intended to. This refactors all version warnings by using a flag variable set in pkg_preinst to decide whether to show the warning in pkg_postinst. Closes: https://bugs.gentoo.org/709808 Bug: https://bugs.gentoo.org/709748 Package-Manager: Portage-2.3.89, Repoman-2.3.20 Signed-off-by: Patrick McLean <chutzpah@gentoo.org> net-misc/openssh/openssh-8.2_p1-r1.ebuild | 23 ++++++++++++++++------- 1 file changed, 16 insertions(+), 7 deletions(-)
