Question about webauthn signatures?

Tyson Whitehead twhitehead at
Thu May 6 06:21:39 AEST 2021

I see the PROTOCOL.u2f file defines a webauthn signature type

string		"webauthn-sk-ecdsa-sha2-nistp256 at"
string		ecdsa_signature
byte		flags
uint32		counter
string		origin
string		clientData
string		extensions

and it is also listed as supported by my OpenSSH client and sever

$ ssh -V
OpenSSH_8.5p1, OpenSSL 1.1.1k  25 Mar 2021
$ ssh -Q sigs
webauthn-sk-ecdsa-sha2-nistp256 at
$ ssh -v localhost
debug1: kex_input_ext_info: server-sig-algs=<...,webauthn-sk-ecdsa-sha2-nistp256 at>

I am very curious what this is for and am hoping someone could elaborate in case it might be useful to us? If I try and limit my connection to it, it seems to imply there should be some corresponding key type

$ ssh -v -o PubkeyAcceptedAlgorithms=webauthn-sk-ecdsa-sha2-nistp256 at localhost
debug1: Skipping sk-ecdsa-sha2-nistp256 at key /home/tyson/.ssh/id_ecdsa_sk - corresponding algo not in PubkeyAcceptedAlgorithms

Is there anything that currently uses it? Is it to support ssh client running on a server and proxing back the challenge to user via a web-browser? Part of certificates somehow?

Thanks!  -Tyson

More information about the openssh-unix-dev mailing list