Bug 3325

Summary: ssh-keygen -K can't import multiple keys with the same app
Product: Portable OpenSSH Reporter: contact
Component: ssh-keygenAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED FIXED    
Severity: enhancement CC: djm
Priority: P5    
Version: 8.6p1   
Hardware: Other   
OS: Linux   
Bug Depends on:    
Bug Blocks: 3353    

Description contact 2021-06-22 20:09:37 AEST 
When creating two keys using ssh-keygen and a SoloKey, but different usernames, ssh-keygen -K will later be unable to import both, instead overwriting keys. There is no way to change the key output or select keys to import.
Comment 1 Damien Miller 2021-10-28 14:40:35 AEDT 
This is fixed in git HEAD and will be in openssh-8.9

commit 0001d04e55802d5bd9d6dece1081a99aa4ba2828
Author: djm@openbsd.org <djm@openbsd.org>
Date:   Thu Oct 28 02:54:18 2021 +0000

    upstream: When downloading resident keys from a FIDO token, pass
    
    back the user ID that was used when the key was created and append it to the
    filename the key is written to (if it is not the default).
    
    Avoids keys being clobbered if the user created multiple
    resident keys with the same application string but different
    user IDs.
    
    feedback Pedro Martelletto; ok markus
    
    NB. increments SSH_SK_VERSION_MAJOR
    
    OpenBSD-Commit-ID: dbd658b5950f583106d945641a634bc6562dd3a3
Comment 2 Damien Miller 2022-02-25 13:57:59 AEDT 
closing bugs resolved before openssh-8.9