Question about webauthn signatures?
Damien Miller
djm at mindrot.org
Thu May 6 16:02:02 AEST 2021
On Wed, 5 May 2021, Tyson Whitehead wrote:
> I see the PROTOCOL.u2f file defines a webauthn signature type
>
> string "webauthn-sk-ecdsa-sha2-nistp256 at openssh.com"
> string ecdsa_signature
> byte flags
> uint32 counter
> string origin
> string clientData
> string extensions
>
> and it is also listed as supported by my OpenSSH client and sever
>
> $ ssh -V
> OpenSSH_8.5p1, OpenSSL 1.1.1k 25 Mar 2021
> $ ssh -Q sigs
> ...
> webauthn-sk-ecdsa-sha2-nistp256 at openssh.com
> $ ssh -v localhost
> ...
> debug1: kex_input_ext_info:
> server-sig-algs=<...,webauthn-sk-ecdsa-sha2-nistp256 at openssh.com>
>
> I am very curious what this is for and am hoping someone could elaborate in
> case it might be useful to us? If I try and limit my connection to it, it
> seems to imply there should be some corresponding key type
Without knowing your needs I can't really say whether it would be useful
to you :)
The webauthn signature type (note: note a key type) was added to support
browser-based SSH clients that can only interact with FIDO keys via the
webauthn APIs. These APIs do not allow "bare" FIDO signatures, but
implictly include weborigin information in the signed data.
> $ ssh -v -o
> PubkeyAcceptedAlgorithms=webauthn-sk-ecdsa-sha2-nistp256 at openssh.com localhost
> ...
> debug1: Skipping sk-ecdsa-sha2-nistp256 at openssh.com key
> /home/tyson/.ssh/id_ecdsa_sk - corresponding algo not in
> PubkeyAcceptedAlgorithms
Yeah, I need to add it to myproposal.h so it's in the default accepted set.
Until then users need to configure it manually.
> Is there anything that currently uses it? Is it to support ssh client running
> on a server and proxing back the challenge to user via a web-browser? Part of
> certificates somehow?
The only thing that AFAIK uses it is the test Javascript that I wrote:
regress/unittests/sshsig/webauthn.html in the source distribution. If you
stick it on a web server then you can generate FIDO keys and webauthn
signatures that you can verify using ssh-keygen -Y. It's the basis of
the webauthn signature unit tests.
-d
More information about the openssh-unix-dev
mailing list