Displaying 5 results from an estimated 5 matches for "ssh_sk_version_major".
2020 Jan 10
4
u2f / libfido2 version
Hi,
So I finally have time to test the u2f support
but so far I haven't been very successful,
Specifically, current HEAD has
SSH_SK_VERSION_MAJOR 0x00040000
and I can't seem to find a matching libfido2 version,
current HEAD of Yubico/libfido2 is 0x00020000
Is there a more up to date libfido2
or a particular commit of openssh-portable
I should be using?
thanks
Sean
2020 Mar 05
3
Fwd: sk-api suggestions
Hello,
I'm helping the Git for windows team and contributing in git-for-windows
repository to help expand the OpenSSH support for fido2 devices on Windows.
Currently we are using your internal implementation(sk-usbhic.c) however
since Windows 10 version 1903 this requires administrator privileges.
I'm trying to create a module for OpenSSH to use webauthn.dll instead of
direct calling to
2020 Sep 04
3
Incomplete attestation data for FIDO2 SKs?
I was recently looking at verifying the attestation data
(ssh-sk-attest-v00) for a SK key, but I believe the data saved in this
structure is insufficient for completing verification of the attestation.
While the structure has enough information for U2F devices, FIDO2 devices
sign their attestation over a richer "authData" blob [1] (concatenated with
the challenge hash). The authData blob
2020 Sep 27
0
Announce: OpenSSH 8.4 released
...okens.
* ssh-keygen(1): the format of the attestation information optionally
recorded when a FIDO key is generated has changed. It now includes
the authenticator data needed to validate attestation signatures.
* The API between OpenSSH and the FIDO token middleware has changed
and the SSH_SK_VERSION_MAJOR version has been incremented as a
result. Third-party middleware libraries must support the current
API version (7) to work with OpenSSH 8.4.
* The portable OpenSSH distribution now requires automake to rebuild
the configure script and supporting files. This is not required when
simpl...
2020 Sep 20
13
Call for testing: OpenSSH 8.4
...okens.
* ssh-keygen(1): the format of the attestation information optionally
recorded when a FIDO key is generated has changed. It now includes
the authenticator data needed to validate attestation signatures.
* The API between OpenSSH and the FIDO token middleware has changed
and the SSH_SK_VERSION_MAJOR version has been incremented as a
result. Third-party middleware libraries must support the current
API version (7) to work with OpenSSH 8.4.
* The portable OpenSSH distribution now requires automake to rebuild
the configure script and supporting files. This is not required when
simpl...