search for: sk_sign

...ementation(sk-usbhic.c) however since Windows 10 version 1903 this requires administrator privileges. I'm trying to create a module for OpenSSH to use webauthn.dll instead of direct calling to libfido2 to eliminate the need for administrator privileges I noticed that in ssh-sk.c in function sshsk_sign you hash the input data before passing it to external module sk_sign function. The problem is, Windows API automatically hash the input before sending it to fido device, so I need to receive the data without hashing to be able to use this or else the data will be hashed two times and verification w...

Hi, Sometimes, users might find that the `ssh-sk-helper` crashes after enrolling a new key when using external SK libraries. Currently, the memory returned by SK APIs is freed by the host, but external libraries may have their own methods of handling memory. For instance some external libraries are linked against a foreign libc statically. As a result, the `ssh-sk-helper` would have issues if

...entation to stay in sync. However, it seems that libfido2 no longer provides the ?libsk-libfido2.so? library that it used to. That was something I was counting on being able to link against in AsyncSSH, so I didn?t have to directly call into libfido2 and could instead use the much simpler sk_enroll/sk_sign API that libsk provided. After looking around a bit, I saw a comment in the libfido2 repo about the libsk functionality moving into OpenSSH itself, but I don?t see any way to build that as a library any more. In fact, the only implementation I can find now is the one in sk-usbhid.c which seems to...

On 2019-11-14, Damien Miller <djm at mindrot.org> wrote: > Please give this a try - security key support is a substantial change and > it really needs testing ahead of the next release. Hi Damien, Thanks for working on security key support, this is a really nice feature to have in openssh. My non-FIDO2 security key (YubiKey NEO) doesn't work with the latest changes to openssh

...ESDcBZsKSWcro explicit authenticator Confirm user presence for key ECDSA-SK SHA256:HixXHmVbrCZRxWUXIDOZF50VAIf/cVESDcBZsKSWcro debug1: start_helper: starting /usr/lib/ssh/ssh-sk-helper debug1: process_sign: ready to sign with key ECDSA-SK, provider internal: msg len 360, compat 0x4000000 debug1: sshsk_sign: provider "internal", key ECDSA-SK, flags 0x25 debug1: sk_probe: 2 device(s) detected debug1: sk_probe: selecting sk by touch debug1: sk_touch_poll: polling /dev/hidraw7 debug1: sk_touch_poll: polling /dev/hidraw5 ... debug1: sk_touch_poll: polling /dev/hidraw7 debug1: sk_touch_poll: poll...