bugzilla-daemon at mindrot.org
2022-Oct-26 19:31 UTC
[Bug 3491] New: Cannot import FIDO2 keys when macOS lockdown mode enabled
https://bugzilla.mindrot.org/show_bug.cgi?id=3491

Bug ID: 3491
Summary: Cannot import FIDO2 keys when macOS lockdown mode enabled
Product: Portable OpenSSH
Version: 9.1p1
Hardware: All
OS: Mac OS X
Status: NEW
Severity: normal
Priority: P5
Component: ssh-add
Assignee: unassigned-bugs at mindrot.org
Reporter: vivithecanine at gmail.com

Overview:

Enabling Lockdown mode on macOS 13.0 breaks FIDO2 security key authentication. As a note, I am using the Homebrew version of OpenSSH, as the version bundled with macOS is woefully ancient; it was, however, working before lockdown mode was activated.

The documentation on Lockdown Mode is unfortunately sparse, but here is a marketing blurb on the feature set:
https://www.apple.com/newsroom/2022/07/apple-expands-commitment-to-protect-users-from-mercenary-spyware/

This feature automatically requires USB allow listing and seemingly alters some other behavior that OpenSSH relies on. FIDO2 authentication behaves as expected in Google Chrome and the Yubico Manager with my Yubikey 5 NFC. I can still list and add/remove Discoverable Credentials without a hitch.
Steps to Reproduce:

1) Enroll security keys on a FIDO2 token on a macOS machine
   https://xeiaso.net/blog/yubikey-ssh-key-storage
2) Enable Lockdown Mode
   https://support.apple.com/en-us/HT212650
3) Attempt to add a key to ssh-agent using ssh-add -K or use ssh-keygen -K
4) Enter your FIDO2 PIN

Actual results:

OpenSSH emits the following error:

Unable to add key ED25519-SK SHA256:<fingerprint>

Expected results:

OpenSSH would request a presence touch on the Yubikey and successfully import the key material.

Build and OS Version:

% ssh -V
OpenSSH_9.1p1, OpenSSL 1.1.1q 5 Jul 2022
% sw_vers
ProductName:    macOS
ProductVersion: 13.0
BuildVersion:   22A380

Debug output from ssh-add below:

% ssh-add -K -vvv
Enter PIN for authenticator:
debug3: start_helper: started pid=21930
debug3: ssh_msg_send: type 5
debug3: ssh_msg_recv entering
debug1: start_helper: starting /opt/homebrew/Cellar/openssh/9.1p1/libexec/ssh-sk-helper
debug1: sshsk_load_resident: provider "internal", have-pin
debug1: sk_probe: 1 device(s) detected
debug1: sk_probe: selecting sk by touch
debug1: ssh_sk_load_resident_keys: trying ioreg://4294976002
debug1: check_sk_options: option uv is unknown
debug1: read_rks: existing 4, remaining 21
debug1: read_rks: Device ioreg://4294976002 has resident keys for 3 RPs
debug1: read_rks: rp 0: name="(none)" id="login.microsoft.com" hashlen=32
debug1: read_rks: rp 1: name="(none)" id="ssh:vivithecanine" hashlen=32
debug1: read_rks: RP "ssh:vivithecanine" has 1 resident keys
debug1: read_rks: Device ioreg://4294976002 RP "ssh:vivithecanine" user "openssh" uidlen 32 slot 0: type -8 flags 0x00 prot 0x03
debug1: read_rks: rp 2: name="(none)" id="ssh:user" hashlen=32
debug1: read_rks: RP "ssh:user" has 1 resident keys
debug1: read_rks: Device ioreg://4294976002 RP "ssh:user" user "openssh" uidlen 32 slot 0: type -8 flags 0x00 prot 0x03
debug3: sshsk_load_resident: rk 0: slot 0, alg 1, app "ssh:vivithecanine", uidlen 32
debug3: sshsk_load_resident: rk 1: slot 0, alg 1, app "ssh:user", uidlen 32
debug1: process_load_resident: key 0 ED25519-SK ssh:vivithecanine uidlen 32
debug1: process_load_resident: key 1 ED25519-SK ssh:user uidlen 32
debug1: main: reply len 371
debug3: ssh_msg_send: type 5
debug3: reap_helper: pid=21930
debug1: sshsk_load_resident: srks[0]: ED25519-SK ssh:vivithecanine uidlen 32
debug1: sshsk_load_resident: srks[1]: ED25519-SK ssh:user uidlen 32
Unable to add key ED25519-SK SHA256:[redacted]
Unable to add key ED25519-SK SHA256:[redacted]

--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2022-Oct-26 19:52 UTC
[Bug 3491] Cannot import FIDO2 keys when macOS lockdown mode enabled
https://bugzilla.mindrot.org/show_bug.cgi?id=3491

vivithecanine at gmail.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
          Component|ssh-add                     |ssh
bugzilla-daemon at mindrot.org
2022-Nov-17 02:58 UTC
[Bug 3491] Cannot import FIDO2 keys when macOS lockdown mode enabled
https://bugzilla.mindrot.org/show_bug.cgi?id=3491

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |djm at mindrot.org

--- Comment #1 from Damien Miller <djm at mindrot.org> ---

From the debug log, it appears that ssh-add was successfully downloading the keys from your FIDO2 token, but failing to add them to ssh-agent. I wonder if lockdown mode is simply breaking ssh-agent?

Could you confirm that key download works using "ssh-keygen -K"? If that works, are you able to add them to ssh-agent directly using ssh-add?

According to https://support.apple.com/en-us/HT212650 it is possible to exempt particular applications from the lockdown. Maybe you could exempt ssh-agent?
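Comment #1 reads the ssh-add -K -vvv output in two stages: the ssh-sk-helper download, which is visible in the log as the sshsk_load_resident: srks[...] lines, and the hand-off to ssh-agent, whose failure shows up as "Unable to add key". The script below is an added example, not the reporter's output or OpenSSH project code; it applies that reading mechanically to a saved log so the failing stage can be named before anyone touches Lockdown Mode settings. The two marker strings are taken from the debug output quoted in the report; the three-way classification and the shortened sample logs are constructed for this example.

```shell
#!/bin/sh
# Triage an 'ssh-add -K -vvv' log: did the FIDO2 resident-key download via
# ssh-sk-helper succeed, and did the hand-off to ssh-agent then fail?
# Added example; the classification rules are this script's own heuristics
# over the debug lines shown in bug 3491, not OpenSSH's own logic.

# Constructed sample: a trimmed copy of the reporter's debug output.
SAMPLE_LOG='debug1: start_helper: starting /opt/homebrew/Cellar/openssh/9.1p1/libexec/ssh-sk-helper
debug1: sk_probe: 1 device(s) detected
debug1: sshsk_load_resident: srks[0]: ED25519-SK ssh:vivithecanine uidlen 32
debug1: sshsk_load_resident: srks[1]: ED25519-SK ssh:user uidlen 32
Unable to add key ED25519-SK SHA256:[redacted]
Unable to add key ED25519-SK SHA256:[redacted]'

# Constructed sample of the other failure shape: the helper saw no token at all.
NO_TOKEN_LOG='debug1: start_helper: starting /usr/libexec/ssh-sk-helper
debug1: sk_probe: 0 device(s) detected'

# count_matches LOG FIXED_STRING -> number of log lines containing FIXED_STRING
# (grep -c exits 1 on zero matches; '|| true' keeps the printed 0 and a clean status)
count_matches() {
    printf '%s\n' "$1" | grep -c -F -- "$2" || true
}

# classify_sk_log LOG -> one of: ok | agent-add | token-or-helper
#   token-or-helper : the helper never returned a resident key (no srks[...] lines)
#   agent-add       : keys were returned but ssh-agent rejected them ("Unable to add key")
#   ok              : keys returned and no add failure logged
classify_sk_log() {
    loaded=$(count_matches "$1" 'sshsk_load_resident: srks[')
    failed=$(count_matches "$1" 'Unable to add key')
    if [ "$loaded" -eq 0 ]; then
        echo token-or-helper
    elif [ "$failed" -gt 0 ]; then
        echo agent-add
    else
        echo ok
    fi
}

# Stand-alone run: triage a real log given as a file, else the constructed samples.
if [ -n "$1" ] && [ -f "$1" ]; then
    classify_sk_log "$(cat "$1")"
else
    echo "sample report log: $(classify_sk_log "$SAMPLE_LOG")"
    echo "no-token log:      $(classify_sk_log "$NO_TOKEN_LOG")"
fi
```

A result of agent-add points at the same next step the comment asks for: run ssh-keygen -K on its own to confirm the download works without the agent, then pass the written key file to ssh-add; token-or-helper means the problem sits before ssh-agent is ever involved.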