search for: ssh_sk_version_major

Hi, So I finally have time to test the u2f support but so far I haven't been very successful, Specifically, current HEAD has SSH_SK_VERSION_MAJOR 0x00040000 and I can't seem to find a matching libfido2 version, current HEAD of Yubico/libfido2 is 0x00020000 Is there a more up to date libfido2 or a particular commit of openssh-portable I should be using? thanks Sean

Hello, I'm helping the Git for windows team and contributing in git-for-windows repository to help expand the OpenSSH support for fido2 devices on Windows. Currently we are using your internal implementation(sk-usbhic.c) however since Windows 10 version 1903 this requires administrator privileges. I'm trying to create a module for OpenSSH to use webauthn.dll instead of direct calling to

I was recently looking at verifying the attestation data (ssh-sk-attest-v00) for a SK key, but I believe the data saved in this structure is insufficient for completing verification of the attestation. While the structure has enough information for U2F devices, FIDO2 devices sign their attestation over a richer "authData" blob [1] (concatenated with the challenge hash). The authData blob

...okens. * ssh-keygen(1): the format of the attestation information optionally recorded when a FIDO key is generated has changed. It now includes the authenticator data needed to validate attestation signatures. * The API between OpenSSH and the FIDO token middleware has changed and the SSH_SK_VERSION_MAJOR version has been incremented as a result. Third-party middleware libraries must support the current API version (7) to work with OpenSSH 8.4. * The portable OpenSSH distribution now requires automake to rebuild the configure script and supporting files. This is not required when simpl...

...okens. * ssh-keygen(1): the format of the attestation information optionally recorded when a FIDO key is generated has changed. It now includes the authenticator data needed to validate attestation signatures. * The API between OpenSSH and the FIDO token middleware has changed and the SSH_SK_VERSION_MAJOR version has been incremented as a result. Third-party middleware libraries must support the current API version (7) to work with OpenSSH 8.4. * The portable OpenSSH distribution now requires automake to rebuild the configure script and supporting files. This is not required when simpl...