Open nestire opened 1 month ago
robin-nitrokey
commented
1 month ago The timeout is defined in admin-app and currently set to 15 seconds:
https://github.com/Nitrokey/admin-app/blob/4dd16c02e93b928e722c6d2d1fd301681d0f02df/src/admin.rs#L17
Is a 5 second increase really enough to make a difference? If we change it, shouldn’t we go for something like 30 seconds directly?
nestire
commented
1 month ago yes 30 sec should be well then enough
robin-nitrokey
commented
1 month ago @nestire I might have misunderstood your request because nitrokey-app2 and Qubes is directly linked to bootloader issues in my brain. ^^ You were actually referring to the FIDO2 reset, right?
daringer
commented
1 month ago Oh, right if it's the FIDO2 timeout can we even change it ?
from the specs: 6.6:
In case of authenticators with no display, request MUST have come to the authenticator within 10 seconds of powering up of the authenticator.
robin-nitrokey
commented
1 month ago Yes, that timeout is fixed.
Backround is that under Qubes it takes much longer to attach a devices to the relevant qube (3 Clicks) and then execute the reset special if you use the nitrokey-app2 this leaves not much margin. A 20 Second Timeout should be enough