Question about webauthn signatures?

Damien Miller djm at
Thu May 6 16:02:02 AEST 2021

On Wed, 5 May 2021, Tyson Whitehead wrote:

> I see the PROTOCOL.u2f file defines a webauthn signature type
> string		"webauthn-sk-ecdsa-sha2-nistp256 at"
> string		ecdsa_signature
> byte		flags
> uint32		counter
> string		origin
> string		clientData
> string		extensions
> and it is also listed as supported by my OpenSSH client and sever
> $ ssh -V
> OpenSSH_8.5p1, OpenSSL 1.1.1k  25 Mar 2021
> $ ssh -Q sigs
> ...
> webauthn-sk-ecdsa-sha2-nistp256 at
> $ ssh -v localhost
> ...
> debug1: kex_input_ext_info:
> server-sig-algs=<...,webauthn-sk-ecdsa-sha2-nistp256 at>
> I am very curious what this is for and am hoping someone could elaborate in
> case it might be useful to us? If I try and limit my connection to it, it
> seems to imply there should be some corresponding key type

Without knowing your needs I can't really say whether it would be useful
to you :)

The webauthn signature type (note: note a key type) was added to support
browser-based SSH clients that can only interact with FIDO keys via the
webauthn APIs. These APIs do not allow "bare" FIDO signatures, but
implictly include weborigin information in the signed data.

> $ ssh -v -o
> PubkeyAcceptedAlgorithms=webauthn-sk-ecdsa-sha2-nistp256 at localhost
> ...
> debug1: Skipping sk-ecdsa-sha2-nistp256 at key
> /home/tyson/.ssh/id_ecdsa_sk - corresponding algo not in
> PubkeyAcceptedAlgorithms

Yeah, I need to add it to myproposal.h so it's in the default accepted set.
Until then users need to configure it manually.

> Is there anything that currently uses it? Is it to support ssh client running
> on a server and proxing back the challenge to user via a web-browser? Part of
> certificates somehow?

The only thing that AFAIK uses it is the test Javascript that I wrote:
regress/unittests/sshsig/webauthn.html in the source distribution. If you
stick it on a web server then you can generate FIDO keys and webauthn
signatures that you can verify using ssh-keygen -Y. It's the basis of
the webauthn signature unit tests.


More information about the openssh-unix-dev mailing list