u2f / libfido2 version

Sean Liao seankhliao at gmail.com
Mon Jan 13 10:27:50 AEDT 2020

Thanks for the hint,
got it working by not setting $SSH_SK_PROVIDER
which I thought was necessary from the initial email

As an aside,
the error message for ed25519-sk not being supported could be more explicit
currently it just exits after "You may need to touch ..."
with debug its "debug1: client_converse: helper returned error -4"
and the ssh-sk-helper logs:
error: Security key provider "internal" returned failure -1
error: ssh-sk-helper: Enrollment failed: invalid format


On Sun, Jan 12, 2020 at 3:22 PM Markus Friedl <mfriedl at gmail.com> wrote:
> You should use the provider library shipped
> with openssh, because we did not update the initial version that’s included in libfido2
> -m
> Sean Liao <seankhliao at gmail.com> schrieb am Fr. 10. Jan. 2020 um 02:14:
>> Hi,
>> So I finally have time to test the u2f support
>> but so far I haven't been very successful,
>> Specifically, current HEAD has
>> SSH_SK_VERSION_MAJOR           0x00040000
>> and I can't seem to find a matching libfido2 version,
>> current HEAD of Yubico/libfido2 is 0x00020000
>> Is there a more up to date libfido2
>> or a particular commit of openssh-portable
>> I should be using?
>> thanks
>> Sean
>> _______________________________________________
>> openssh-unix-dev mailing list
>> openssh-unix-dev at mindrot.org
>> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

More information about the openssh-unix-dev mailing list