Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 709808 - =net-misc/openssh-8.2 : USE flags security-key and X509 should be mutually exclusive - configure: WARNING: unrecognized options: --with-security-key-builtin
Summary: =net-misc/openssh-8.2 : USE flags security-key and X509 should be mutually ex...
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo's Team for Core System packages
: 709820 (view as bug list)
Depends on:
Reported: 2020-02-16 13:23 UTC by vltg0903
Modified: 2020-02-16 18:30 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description vltg0903 2020-02-16 13:23:12 UTC
thanks for including the new FIDO2 security key functionality in the openssh-8.2 ebuild, unfortunately openssh-8.2p1+x509-12.4.diff.gz patches it right out again. From the build log:

configure: WARNING: unrecognized options: --with-security-key-builtin

From openssh-8.2p1+x509-12.4.diff:
   --with-pie              Build Position Independent Executables if possible
-  --with-security-key-builtin include builtin U2F/FIDO support
   --with-ssl-dir=PATH     Specify path to OpenSSL installation
(etc pp)

Not sure what's going on there, some collision between that patch and FIDO2 support, or an oversight of which version of ./configure the patch was created against. So for now X509 and security-key flags should probably be mutually exclusive.

Reproducible: Always
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2020-02-16 16:08:15 UTC
*** Bug 709820 has been marked as a duplicate of this bug. ***
Comment 2 Larry the Git Cow gentoo-dev 2020-02-16 18:30:51 UTC
The bug has been closed via the following commit(s):

commit a225fe10e4c21edd8915543c2a4318b00d2144c6
Author:     Patrick McLean <>
AuthorDate: 2020-02-16 18:29:52 +0000
Commit:     Patrick McLean <>
CommitDate: 2020-02-16 18:30:41 +0000

    net-misc/openssh-8.1_p1-r2: Disable X509 and security-key (bug #709808)
    This also makes the warning about restarting sshd actually show when it
    is intended to. This refactors all version warnings by using a flag
    variable set in pkg_preinst to decide whether to show the warning in
    Package-Manager: Portage-2.3.89, Repoman-2.3.20
    Signed-off-by: Patrick McLean <>

 net-misc/openssh/openssh-8.2_p1-r1.ebuild | 23 ++++++++++++++++-------
 1 file changed, 16 insertions(+), 7 deletions(-)