You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Perhaps this is because sk-* private keys are not true private keys but just contain a key handle which references the private key on the security key (as mentioned in https://developers.yubico.com/SSH/Securing_SSH_with_FIDO2.html). However, I believe we should still be able to parse the private key and extract the key handle + the public key part.
Just curious if there's any reason support was not added for this already?
The text was updated successfully, but these errors were encountered:
Proposal Details
Support for sk-* key types on the server-side was added in 2019: golang/crypto@86a7050
While working on a FIDO2 for SSH project I noticed that the library supports parsing [email protected] and [email protected] public keys, but seems to have no corresponding support for parsing private keys for these key types (i.e. in https://github.com/golang/crypto/blob/7cfb9161e8d828fd6d9f34560e78460435b63503/ssh/keys.go#L1488).
Perhaps this is because sk-* private keys are not true private keys but just contain a key handle which references the private key on the security key (as mentioned in https://developers.yubico.com/SSH/Securing_SSH_with_FIDO2.html). However, I believe we should still be able to parse the private key and extract the key handle + the public key part.
Just curious if there's any reason support was not added for this already?
The text was updated successfully, but these errors were encountered: