[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Feature request: Support U2F security keys
[Thread Prev] | [Thread Next]
- Subject: Re: Feature request: Support U2F security keys
- From: "t0b@xxxxxxx" <t0b@xxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Mon, 18 May 2020 14:54:48 -0700
- To: libssh@xxxxxxxxxx
Ah great! Never mind then :) > On May 17, 2020, at 23:04, Jakub Jelen <jjelen@xxxxxxxxxx> wrote: > > On Fri, 2020-05-15 at 09:22 -0700, t0b@xxxxxxx wrote: >> Hi, >> OpenSSH 8.2 (https://www.openssh.com/txt/release-8.2) supports >> "ecdsa-sk" and "ed25519-sk” key types to support U2F/FIDO security >> keys and I was wondering if libssh could support them, too? >> For supporting them server-side, I think you'd just need to implement >> the additional key types >> >> sk-ecdsa-sha2-nistp256@xxxxxxxxxxx >> sk-ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx >> sk-ssh-ed25519@xxxxxxxxxxx >> sk-ssh-ed25519-cert-v01@xxxxxxxxxxx >> >> …and parse their signature a bit differently from the normal ecdsa >> and ed25519 signatures. E.g. they include an additional “counter" and >> “user present” value. >> >> Details on the format are here: >> https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.u2f >> >> Let me know what you think. > > The server side support is already in: > > https://bugs.libssh.org/rLIBSSH17b518a677c92d943cf016b81272ec10ee1ca368 > > Regards, > -- > Jakub Jelen > Senior Software Engineer > Security Technologies > Red Hat, Inc. > >
| Feature request: Support U2F security keys | "t0b@xxxxxxx" <t0b@xxxxxxx> |
| Re: Feature request: Support U2F security keys | Jakub Jelen <jjelen@xxxxxxxxxx> |