Trezor Firmware 1.3.4

A few days ago we released a new 1.3.4 version of Trezor firmware. This is an optional stable release, which includes the following changes:

Trezor now shows seconds counter during PIN lockdown (after the wrong PIN is entered), so you now know how long you should wait until another PIN can be entered:

When you close the myTREZOR browser tab, the screensaver of the device is activated. The screen is turned on again when you perform another operation via myTREZOR.

The biggest addition is that thanks to the great work by Roman Zeyde Trezor firmware now also supports NIST P-256 elliptic curve. This addition does not affect Bitcoin at all, but it means you can now use Trezor for SSH login to your servers which support it (OpenSSH 5.7 or newer is needed).

In order to use this exciting feature upgrade your Trezor firmware and follow these steps:

install trezor agent on your client machine:

$ sudo pip install trezor_agent

2. generate the public key using trezor-agent (enter a scrambled PIN as you would in myTREZOR)

3. log in to your server as usual and copy the row containing the ECDSA magic from the previous step into ~/.ssh/authorized_keys file on your server

4) from now on you can log in to your server using trezor using the following command:

Note #1: The generated keys depend on the user@example.com parameter, so no two servers/users share the same key.

Note #2: This method can also be used for git push or other mechanisms that are using SSH as their communication protocol: