openssh_key.key_params.sk.SecurityKeyFlag¶

class openssh_key.key_params.sk.SecurityKeyFlag(value)¶

Security key flags supported by OpenSSH.

Attributes

`USER_PRESENCE_REQUIRED`	Whether the private key requires the user to touch it before generating a signature (equivalent to executing `ssh-keygen` without `-O no-touch-required`).
`USER_VERIFCATION_REQUIRED`	Whether the private key requires user verification (equivalent to executing `ssh-keygen` with `-O verify-required`).
`RESIDENT_KEY`	Whether the private key should be stored on the FIDO authenticator (equivalent to executing `ssh-keygen` with `-O resident`).

RESIDENT_KEY = 32¶: Whether the private key should be stored on the FIDO authenticator (equivalent to executing ssh-keygen with -O resident).

USER_PRESENCE_REQUIRED = 1¶: Whether the private key requires the user to touch it before generating a signature (equivalent to executing ssh-keygen without -O no-touch-required).

USER_VERIFCATION_REQUIRED = 4¶: Whether the private key requires user verification (equivalent to executing ssh-keygen with -O verify-required). Not all FIDO authenticators support this option. OpenSSH presently supports only PIN verification.

openssh_key_parser