Security of ssh across a LAN, public key versus password
Christian Weisgerber
naddy at mips.inka.de
Wed Oct 23 05:37:37 AEDT 2024
David Lang:
> hmm, what I'm finding doesn't seem to use the FIDO challenge/response to the
> server,
It does. That's why new key types (ECDSA-SK, ED25519-SK) were
required to accommodate the existing FIDO challenge/response format.
> instead it looks like a public/private key that's unlocked with a
> touch, possibly storing the private key on the hardware dongle (but it seems
> like there's still a key you need to put on the client system)
In the U2F/FIDO WebAuthn model,
* on key generation
. the private key is kept on the authenticator,
. the public key and a key handle are sent to the remote server,
* and on key use
. the remote server sends a challenge and includes the key handle,
. the authenticator generates a response.
With OpenSSH,
* on key generation
. the FIDO private key is kept on the authenticator,
. the FIDO public key becomes the SSH public key,
. the FIDO key handle makes up the SSH private key,
* and on key use
. the remote server sends a FIDO challenge, and the SSH client
supplies the FIDO key handle to the authenticator,
. the authenticator generates a FIDO response which the SSH client
forwards to the remote server.
The only principal difference is the disposition of the FIDO key handle.
--
Christian "naddy" Weisgerber naddy at mips.inka.de
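As an added illustration of the two flows described in the reply above (not code from the post, from OpenSSH, or from any FIDO library), the following toy model runs the same simulated authenticator through the WebAuthn disposition (server stores handle and public key, sends the handle with the challenge) and the OpenSSH disposition (server stores only the public key, the handle lives in the client's *-sk private key file). Assumptions: the authenticator re-derives its private key from the handle with an HMAC over a device secret (a common FIDO authenticator design, not something the post states), the signature scheme is an insecure toy Schnorr over a small prime field, and the relying-party and application strings are constructed.

```python
"""Constructed toy model of FIDO key-handle disposition: WebAuthn versus OpenSSH.
Toy Schnorr signatures over a small prime field; NOT secure, illustration only."""
import hashlib
import hmac
import secrets

P = 2**127 - 1  # Mersenne prime; toy group for illustration only
G = 3           # generator (toy)
Q = P - 1       # exponent modulus (Fermat: G**(P-1) == 1 mod P)


def _h(*parts: bytes) -> int:
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big")


class Authenticator:
    """Simulated FIDO device. Private keys never leave it: a key handle is a random
    blob from which the device re-derives the private key with its own device secret
    (HMAC key wrapping, an assumed but common authenticator design)."""

    def __init__(self) -> None:
        self.device_secret = secrets.token_bytes(32)
        self.user_present = False  # set True to simulate a touch

    def _private_key(self, app_id: bytes, handle: bytes) -> int:
        mac = hmac.new(self.device_secret, app_id + handle, hashlib.sha256).digest()
        return int.from_bytes(mac, "big") % Q or 1

    def make_credential(self, app_id: bytes) -> tuple[bytes, int]:
        """Key generation: returns (key handle, public key); the private key stays inside."""
        handle = secrets.token_bytes(32)
        return handle, pow(G, self._private_key(app_id, handle), P)

    def get_assertion(self, app_id: bytes, handle: bytes, challenge: bytes) -> tuple[int, int]:
        """Key use: the caller must hand the handle back, and a touch is required."""
        if not self.user_present:
            raise PermissionError("user presence required")
        self.user_present = False
        x = self._private_key(app_id, handle)
        k = secrets.randbelow(Q - 1) + 1
        r = pow(G, k, P)
        e = _h(r.to_bytes(16, "big"), app_id, challenge)
        return r, (k + x * e) % Q


def verify(pub: int, app_id: bytes, challenge: bytes, sig: tuple[int, int]) -> bool:
    """Verifier side (relying party or sshd): needs only the public key."""
    r, s = sig
    e = _h(r.to_bytes(16, "big"), app_id, challenge)
    return pow(G, s, P) == (r * pow(pub, e, P)) % P


def webauthn_flow(auth: Authenticator) -> bool:
    """WebAuthn: the server stores handle AND public key and sends the handle with the challenge."""
    rp_id = b"example.org"  # constructed relying-party id
    handle, pub = auth.make_credential(rp_id)
    server_record = {"handle": handle, "pub": pub}  # both live on the server
    challenge = secrets.token_bytes(32)
    auth.user_present = True  # server -> browser -> authenticator: challenge + stored handle
    sig = auth.get_assertion(rp_id, server_record["handle"], challenge)
    return verify(server_record["pub"], rp_id, challenge, sig)


def openssh_flow(auth: Authenticator) -> bool:
    """OpenSSH: the server holds only the public key (authorized_keys); the handle is
    the content of the client's *-sk private key file and never goes to the server."""
    app_id = b"ssh:"  # OpenSSH's default FIDO application string
    handle, pub = auth.make_credential(app_id)
    client_private_key_file = handle  # what id_ed25519_sk / id_ecdsa_sk carry, in spirit
    authorized_keys = pub
    challenge = secrets.token_bytes(32)  # sshd sends a challenge only, no handle
    auth.user_present = True
    sig = auth.get_assertion(app_id, client_private_key_file, challenge)
    return verify(authorized_keys, app_id, challenge, sig)


def copied_handle_without_device_fails() -> bool:
    """Risk note: a copied *-sk private key file (the handle) is inert without the
    original device, because another device derives a different private key from it."""
    genuine, other = Authenticator(), Authenticator()
    app_id = b"ssh:"
    handle, pub = genuine.make_credential(app_id)
    challenge = secrets.token_bytes(32)
    other.user_present = True
    sig = other.get_assertion(app_id, handle, challenge)  # same handle, wrong device
    return not verify(pub, app_id, challenge, sig)


def touch_is_required() -> bool:
    """User presence gates every assertion in this model."""
    auth = Authenticator()
    handle, _ = auth.make_credential(b"ssh:")
    try:
        auth.get_assertion(b"ssh:", handle, b"challenge")
    except PermissionError:
        return True
    return False
```

The two flow functions differ only in where the handle is kept between key generation and key use, which is the point of the reply: the authenticator API and the verifier are identical, and in both cases the private key is never reconstructable from the handle alone.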