[Bug 3748] "webauthn-sk-ecdsa-sha2-nistp256 at openssh.com" signature type not supported from ssh agent

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Sat Nov 2 00:12:11 AEDT 2024


https://bugzilla.mindrot.org/show_bug.cgi?id=3748

--- Comment #2 from bmhomer13 at gmail.com ---
Thanks for confirming the status of webauthn support, this is what I
suspected.

I tried to disable the check you mentioned, this does resolve the error
on the client-side. However, I then run into the following on the
server-side: "debug3: mm_answer_keyverify: publickey ECDSA-SK-CERT
signature unverified: incomplete message"

I checked that my agent code produces a signature which is the same as
https://github.com/openssh/openssh-portable/blob/master/regress/unittests/sshsig/webauthn.html
given the same inputs, so not sure what happened here yet.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list