David Lang:

> hmm, what I'm finding doesn't seem to use the FIDO challenge/response to the
> server,

It does.  That's why new key types (ECDSA-SK, ED25519-SK) were required to
accommodate the existing FIDO challenge/response format.

> instead it looks like a public/private key that's unlocked with a
> touch, possibly storing the private key on the hardware dongle (but it seems
> like there's still a key you need to put on the client system)

In the U2F/FIDO WebAuthn model,

* on key generation
  . the private key is kept on the authenticator,
  . the public key and a key handle are sent to the remote server,
* and on key use
  . the remote server sends a challenge and includes the key handle,
  . the authenticator generates a response.

With OpenSSH,

* on key generation
  . the FIDO private key is kept on the authenticator,
  . the FIDO public key becomes the SSH public key,
  . the FIDO key handle makes up the SSH private key,
* and on key use
  . the remote server sends a FIDO challenge, and the SSH client supplies
    the FIDO key handle to the authenticator,
  . the authenticator generates a FIDO response which the SSH client
    forwards to the remote server.

The only principal difference is the disposition of the FIDO key handle.

-- 
Christian "naddy" Weisgerber                          naddy@xxxxxxxxxxxx

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
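The flow described in the message above, as an added example that is not part of the original thread and not OpenSSH's own code: a Go simulation in which the authenticator generates a P-256 key pair and returns only a public key and an opaque key handle, the SSH client keeps nothing but the handle, and the server verifies a signature over the FIDO construction authenticatorData || clientDataHash (rpIdHash, flags, counter, then the challenge hash). The in-memory map standing in for the security key, the 16-byte random handle, and the "ssh:" application string are assumptions of this simulation; real authenticators derive or wrap the handle differently, and the exact OpenSSH SK signature encoding is not reproduced here.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"errors"
	"fmt"
)

// FIDO authenticator-data "UP" bit: set only when the user touched the key.
const flagUserPresence byte = 0x01

// Authenticator simulates a FIDO security key. Private keys live only in this
// map (assumption of the simulation), indexed by key handle, and never leave it.
type Authenticator struct {
	keys    map[string]*ecdsa.PrivateKey
	counter uint32
}

func NewAuthenticator() *Authenticator {
	return &Authenticator{keys: make(map[string]*ecdsa.PrivateKey)}
}

// MakeCredential is the key-generation step: the public key becomes the SSH
// public key, and the opaque handle is all the SSH "private key" file holds.
func (a *Authenticator) MakeCredential() (*ecdsa.PublicKey, []byte, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	handle := make([]byte, 16) // constructed: a random identifier, not wrapped key material
	if _, err := rand.Read(handle); err != nil {
		return nil, nil, err
	}
	a.keys[hex.EncodeToString(handle)] = priv
	return &priv.PublicKey, handle, nil
}

// Assertion is the FIDO response: signature plus the fields it covers.
type Assertion struct {
	Flags   byte
	Counter uint32
	Sig     []byte
}

// signedMessage builds authenticatorData || clientDataHash, with
// authenticatorData = sha256(rpId) || flags || counter. Both sides compute it.
func signedMessage(rpID string, flags byte, counter uint32, challenge []byte) []byte {
	rpHash := sha256.Sum256([]byte(rpID))
	chHash := sha256.Sum256(challenge)
	var ctr [4]byte
	binary.BigEndian.PutUint32(ctr[:], counter)
	msg := append([]byte{}, rpHash[:]...)
	msg = append(msg, flags)
	msg = append(msg, ctr[:]...)
	return append(msg, chHash[:]...)
}

// GetAssertion is the key-use step on the authenticator: find the private key
// by handle, require a touch, sign the challenge construction.
func (a *Authenticator) GetAssertion(handle, challenge []byte, rpID string, touched bool) (*Assertion, error) {
	priv, ok := a.keys[hex.EncodeToString(handle)]
	if !ok {
		return nil, errors.New("authenticator: unknown key handle")
	}
	if !touched {
		return nil, errors.New("authenticator: user presence required")
	}
	a.counter++
	digest := sha256.Sum256(signedMessage(rpID, flagUserPresence, a.counter, challenge))
	sig, err := ecdsa.SignASN1(rand.Reader, priv, digest[:])
	if err != nil {
		return nil, err
	}
	return &Assertion{Flags: flagUserPresence, Counter: a.counter, Sig: sig}, nil
}

// SSHClient holds only the handle; signing needs the authenticator present.
type SSHClient struct {
	Handle []byte
	Auth   *Authenticator
}

// Server holds the public key (as in authorized_keys) and the application id.
type Server struct {
	Pub  *ecdsa.PublicKey
	RPID string
}

// Verify rebuilds the signed message from the assertion and checks the
// signature; it also insists on the UP flag, as sshd does by default.
func (s *Server) Verify(challenge []byte, as *Assertion) bool {
	if as.Flags&flagUserPresence == 0 {
		return false
	}
	digest := sha256.Sum256(signedMessage(s.RPID, as.Flags, as.Counter, challenge))
	return ecdsa.VerifyASN1(s.Pub, digest[:], as.Sig)
}

// Login runs one round: server challenge, client forwards handle + challenge
// to the authenticator, server verifies the returned assertion.
func Login(srv *Server, cli *SSHClient, touched bool) (bool, error) {
	challenge := make([]byte, 32)
	if _, err := rand.Read(challenge); err != nil {
		return false, err
	}
	as, err := cli.Auth.GetAssertion(cli.Handle, challenge, srv.RPID, touched)
	if err != nil {
		return false, err
	}
	return srv.Verify(challenge, as), nil
}

func main() {
	auth := NewAuthenticator()
	pub, handle, err := auth.MakeCredential()
	if err != nil {
		panic(err)
	}
	srv := &Server{Pub: pub, RPID: "ssh:"} // "ssh:" is OpenSSH's default application string
	cli := &SSHClient{Handle: handle, Auth: auth}
	fmt.Println(Login(srv, cli, true))  // true <nil>
	fmt.Println(Login(srv, cli, false)) // false, user presence required
	// A copied handle is useless on another authenticator: no private key there.
	fmt.Println(Login(srv, &SSHClient{Handle: handle, Auth: NewAuthenticator()}, true))
}
```

The point the simulation makes is the one in the message: the client-side file is a handle, not a secret, so copying it off the machine gains nothing without the authenticator, and the response the server checks is a FIDO signature with presence flag and counter rather than a plain SSH signature.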