[Bug 3463] New: cannot get ed25519-sk resident key with fido2

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Jul 14 05:45:19 AEST 2022


https://bugzilla.mindrot.org/show_bug.cgi?id=3463

            Bug ID: 3463
           Summary: cannot get ed25519-sk resident key with fido2
           Product: Portable OpenSSH
           Version: v9.0p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh-keygen
          Assignee: unassigned-bugs at mindrot.org
          Reporter: sergey at markow.su

./ssh-keygen -t ed25519-sk -O resident
Generating public/private ed25519-sk key pair.
You may need to touch your authenticator to authorize key generation.
Enter PIN for authenticator: 
Key enrollment failed: invalid format

It looks like this feature has been broken since 8.2.

OpenSSH 9.0 was built with:
../configure --with-security-key-builtin --with-md5-passwords
--with-selinux --with-privsep-path=$HOME/openssl-8/test-openssh
--sysconfdir=$HOME/openssl-8/test-openssh
--prefix=$HOME/openssl-8/test-openssh --enable-security-key
--enable-fido2

For instance, the expected result (it was taken from version 8.2):
./ssh-keygen -t ed25519-sk -O resident
Generating public/private ed25519-sk key pair.
You may need to touch your authenticator to authorize key generation.
Enter file in which to save the key (/home/galina/.ssh/id_ed25519_sk):
./id_ed25519_sk
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in ./id_ed25519_sk
Your public key has been saved in ./id_ed25519_sk.pub
The key fingerprint is:
SHA256:+3o85xn1NtIUJGfQupvtCQpb2gQmSXviP3bbcuHZ+R0 galina@galina
The key's randomart image is:
+[ED25519-SK 256]-+
|             oo+ |
|              =. |
|       .      .. |
|      . o    .  .|
|       =S+    o. |
|      . =..  +o. |
|       ..o oooBE+|
|        .+@o+Oo==|
|        o*+B*..o+|
+----[SHA256]-----+
