Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature Request: Support new SK type keys (ecdsa-sk / ed25519-sk) #300

Open
linuxrrze opened this issue May 30, 2020 · 2 comments
Open

Feature Request: Support new SK type keys (ecdsa-sk / ed25519-sk) #300

linuxrrze opened this issue May 30, 2020 · 2 comments
Labels
enhancement

Comments

@linuxrrze
Copy link

With openssh 8.2 new key types (using Fido/U2F hardware devices) are available:

s. https://lists.mindrot.org/pipermail/openssh-unix-announce/2020-February/000138.html

New types are:
"ecdsa-sk"
"ed25519-sk"

It'd be great to support them in keeagent.
@legioner0
Copy link

Actually, this issue more than enhancement. If ssh-agent have already loaded SK keys, then KeeAgent unable to show list of keys and also unable to unload keys marked with 'remove on lock' flag.

@ezekielnewren
Copy link
Contributor

Interesting. I've been playing with yubikeys for a few years, but didn't know that ssh has direct support them.

@dlech dlech removed this from KeeAgent v1.0 May 24, 2022
dlech added a commit to dlech/SshAgentLib that referenced this issue May 24, 2022
@dlech
add support for reading sk keys
dd41ac2 
This adds partial support for "sk" keys that are associated with a
hardware key. We can only read keys but can't use them for signing.

Reference: https://api.libssh.org/rfc/PROTOCOL.u2f
Issue: dlech/KeeAgent#300
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@dlech @legioner0 @ezekielnewren @linuxrrze