[Bug 3748] "webauthn-sk-ecdsa-sha2-nistp256 at openssh.com" signature type not supported from ssh agent
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Mon Jun 2 08:38:19 AEST 2025
https://bugzilla.mindrot.org/show_bug.cgi?id=3748
Jó Ágila Bitsch <jgilab at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jgilab at gmail.com
--- Comment #6 from Jó Ágila Bitsch <jgilab at gmail.com> ---
Created attachment 3881
--> https://bugzilla.mindrot.org/attachment.cgi?id=3881&action=edit
patch for allowing webauthn signatures via ssh agent
I was running into the same problem and would like to suggest the
following (see patch):
* add special handling for KEY_ECDSA_SK in
sshkey_match_keyname_to_sigalgs as already exists for KEY_RSA
* use sshkey_match_keyname_to_sigalgs instead of sshkey_sigalg_by_name
in sshkey_check_sigtype.
Does that make sense or am I overlooking something obvious?
I did not yet check, if certs would need special handling as well.
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list