Page MenuHomePhabricator

Implement client side support for u2f keys (including tests)
Open, NormalPublic

Description

The OpenSSH 8.2p1 implements support for keys backed by u2f enabled hardware inside of ssh protocol:

https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.u2f?annotate=HEAD

The internals support was added recently in 17b518a as well as the server support (key verification), but client support and tests are still missing. The testing can be done in very similar manner as in OpenSSH, which ships sk-dummy.so module, which can be used instead of physical hardware.

Event Timeline

Jakuje triaged this task as Normal priority.Tue, Feb 11, 10:26 AM
Jakuje created this task.