Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ssh-sk-helper failing sshsk_sign with code -2 (requested feature not supported) #1

Open
rdeker opened this issue May 27, 2020 · 17 comments

Comments

@rdeker
Copy link

rdeker commented May 27, 2020

Hi, I'm using your openssh-sk-winhello binaries on Win10 version 1909, build 18363.778 with Git for Windows version 2.62.2-64-bit and a YubiKey 5 NFC. System is running in a Virtualbox VM (though I have also tried with a native Windows install on another machine). When I originally set things up, authentication to a Linux host (Ubuntu 20.04, OpenSSH 8.2p1, also a VM) was functioning, but having come back to it a bit later to document for a client, auth is now failing.

Using the same YubiKey and ecdsa_sk key from a Linux host works perfectly.

Here is the output of "ssh -v" on the Windows host:

$ SSH_SK_HELPER=/usr/lib/ssh/ssh-sk-helper.exe ssh -vv -i ~/.ssh/id_ecdsa_sk [email protected]
OpenSSH_8.2p1, OpenSSL 1.1.1f  31 Mar 2020
debug1: Reading configuration data /c/Users/Deker/.ssh/config
debug1: /c/Users/Deker/.ssh/config line 1: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug2: resolve_canonicalize: hostname 10.10.1.222 is address
debug2: ssh_connect_direct
debug1: Connecting to 10.10.1.222 [10.10.1.222] port 22.
debug1: Connection established.
debug1: identity file /c/Users/Deker/.ssh/id_ecdsa_sk type -1
debug1: identity file /c/Users/Deker/.ssh/id_ecdsa_sk-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2p1 Ubuntu-4
debug1: match: OpenSSH_8.2p1 Ubuntu-4 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 10.10.1.222:22 as 'deker'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
debug2: host key algorithms: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ssh-ed25519,[email protected],rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],aes128-cbc,3des-cbc,aes256-cbc,aes192-cbc
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],aes128-cbc,3des-cbc,aes256-cbc,aes192-cbc
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,[email protected],zlib
debug2: compression stoc: none,[email protected],zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,[email protected]
debug2: compression stoc: none,[email protected]
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:BbeOXU9GQubTOCVJmzlQEuTt0OIhh8IDcJGzT47NQLY
debug1: Host '10.10.1.222' is known and matches the ECDSA host key.
debug1: Found key in /c/Users/Deker/.ssh/known_hosts:2
debug2: set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /c/Users/Deker/.ssh/id_ecdsa_sk  explicit
debug2: pubkey_prepare: done
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,[email protected],ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected]>
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /c/Users/Deker/.ssh/id_ecdsa_sk
Enter passphrase for key '/c/Users/Deker/.ssh/id_ecdsa_sk':
debug1: start_helper: starting /usr/lib/ssh/ssh-sk-helper.exe
debug1: ssh-sk-helper: ready to sign with key ECDSA-SK, provider winhello.dll: msg len 247, compat 0x4000000
debug1: sshsk_sign: provider "winhello.dll", key ECDSA-SK, flags 0x01
debug1: sshsk_open: provider winhello.dll implements version 0x001c0000
debug1: sshsk_sign: sk_sign failed with code -2
debug1: ssh-sk-helper: Signing failed: requested feature not supported
debug1: ssh-sk-helper: reply len 8
debug1: client_converse: helper returned error -59
debug1: identity_sign: sshkey_sign: requested feature not supported
sign_and_send_pubkey: signing failed for ECDSA-SK "/c/Users/Deker/.ssh/id_ecdsa_sk": requested feature not supported
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
[email protected]'s password:

Any advice or assistance would be greatly appreciated. Please let me know what other debug info would be useful.

@tavrez
Copy link
Owner

tavrez commented May 27, 2020

Thanks for reporting, could you tell me:

  1. Have you compiled module by yourself or it's the provided binary
  2. Give me this log but when you are not using winhello.dll

@rdeker
Copy link
Author

rdeker commented May 27, 2020

Thanks for responding so quickly.

  1. I am using the binaries from your github release
  2. Can you clarify exactly what you'd like me to log? I'm not sure if you mean simply removing the SecurityKeyProvider configuration, reverting to the ssh-sk-helper provided by Git for Windows, or something else.

@tavrez
Copy link
Owner

tavrez commented May 27, 2020 via email

@rdeker
Copy link
Author

rdeker commented Jun 1, 2020

I've tried in a VirtualBox Win10 virtual, and on Win10 running natively. As an additional note, the id_ecdsa_sk was generated on a Linux box and copied to Windows, but I've verified that the key is identical and didn't get mangled in copying. etc. Using the same key file and same YubiKey device works fine from a linux host (Ubuntu 20.04).

Using Win10 running natively, running Git bash as administrator, with the SecurityKeyProvider disabled in the ssh config, and the original ssh-sk-helper.exe (just in case), I get the following (note that there is a pause of several seconds after "find_device: found key"):

$ ssh -vv [email protected]
OpenSSH_8.2p1, OpenSSL 1.1.1f  31 Mar 2020
debug1: Reading configuration data /c/Users/Deker/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: resolve_canonicalize: hostname 10.10.1.222 is address
debug2: ssh_connect_direct
debug1: Connecting to 10.10.1.222 [10.10.1.222] port 22.
debug1: Connection established.
debug1: identity file /c/Users/Deker/.ssh/id_rsa type -1
debug1: identity file /c/Users/Deker/.ssh/id_rsa-cert type -1
debug1: identity file /c/Users/Deker/.ssh/id_dsa type -1
debug1: identity file /c/Users/Deker/.ssh/id_dsa-cert type -1
debug1: identity file /c/Users/Deker/.ssh/id_ecdsa type -1
debug1: identity file /c/Users/Deker/.ssh/id_ecdsa-cert type -1
debug1: identity file /c/Users/Deker/.ssh/id_ecdsa_sk type -1
debug1: identity file /c/Users/Deker/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /c/Users/Deker/.ssh/id_ed25519 type -1
debug1: identity file /c/Users/Deker/.ssh/id_ed25519-cert type -1
debug1: identity file /c/Users/Deker/.ssh/id_ed25519_sk type -1
debug1: identity file /c/Users/Deker/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /c/Users/Deker/.ssh/id_xmss type -1
debug1: identity file /c/Users/Deker/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2p1 Ubuntu-4
debug1: match: OpenSSH_8.2p1 Ubuntu-4 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 10.10.1.222:22 as 'deker'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
debug2: host key algorithms: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ssh-ed25519,[email protected],rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],aes128-cbc,3des-cbc,aes256-cbc,aes192-cbc
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],aes128-cbc,3des-cbc,aes256-cbc,aes192-cbc
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,[email protected],zlib
debug2: compression stoc: none,[email protected],zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,[email protected]
debug2: compression stoc: none,[email protected]
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:BbeOXU9GQubTOCVJmzlQEuTt0OIhh8IDcJGzT47NQLY
debug1: Host '10.10.1.222' is known and matches the ECDSA host key.
debug1: Found key in /c/Users/Deker/.ssh/known_hosts:2
debug2: set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /c/Users/Deker/.ssh/id_rsa
debug1: Will attempt key: /c/Users/Deker/.ssh/id_dsa
debug1: Will attempt key: /c/Users/Deker/.ssh/id_ecdsa
debug1: Will attempt key: /c/Users/Deker/.ssh/id_ecdsa_sk
debug1: Will attempt key: /c/Users/Deker/.ssh/id_ed25519
debug1: Will attempt key: /c/Users/Deker/.ssh/id_ed25519_sk
debug1: Will attempt key: /c/Users/Deker/.ssh/id_xmss
debug2: pubkey_prepare: done
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,[email protected],ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected]>
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /c/Users/Deker/.ssh/id_rsa
debug1: Trying private key: /c/Users/Deker/.ssh/id_dsa
debug1: Trying private key: /c/Users/Deker/.ssh/id_ecdsa
debug1: Trying private key: /c/Users/Deker/.ssh/id_ecdsa_sk
Enter passphrase for key '/c/Users/Deker/.ssh/id_ecdsa_sk':
debug1: start_helper: starting /usr/lib/ssh/ssh-sk-helper
debug1: ssh-sk-helper: ready to sign with key ECDSA-SK, provider internal: msg len 247, compat 0x4000000
debug1: sshsk_sign: provider "internal", key ECDSA-SK, flags 0x01
debug1: find_device: found 1 device(s)
debug1: find_device: trying device 0: \\\\?\\hid#vid_1050&pid_0407&mi_01#7&3a4fbee5&0&0000#{4d1e55b2-f16f-11cf-88cb-001111000030}
debug1: try_device: fido_dev_get_assert: FIDO_ERR_SUCCESS
debug1: find_device: found key
debug1: ssh_sk_sign: fido_dev_get_assert: FIDO_ERR_ACTION_TIMEOUT
debug1: sshsk_sign: sk_sign failed with code -1
debug1: ssh-sk-helper: Signing failed: invalid format
debug1: ssh-sk-helper: reply len 8
debug1: client_converse: helper returned error -4
debug1: identity_sign: sshkey_sign: invalid format
sign_and_send_pubkey: signing failed for ECDSA-SK "/c/Users/Deker/.ssh/id_ecdsa_sk": invalid format
debug1: Trying private key: /c/Users/Deker/.ssh/id_ed25519
debug1: Trying private key: /c/Users/Deker/.ssh/id_ed25519_sk
debug1: Trying private key: /c/Users/Deker/.ssh/id_xmss
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
[email protected]'s password:

For completeness, on the same Windows host, with the SecurityKeyProvider enabled, and using your modified ssh-sk-helper.exe, I get the following with no real delay noticeable:

$ ssh -vv [email protected]
OpenSSH_8.2p1, OpenSSL 1.1.1f  31 Mar 2020
debug1: Reading configuration data /c/Users/Deker/.ssh/config
debug1: /c/Users/Deker/.ssh/config line 1: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: resolve_canonicalize: hostname 10.10.1.222 is address
debug2: ssh_connect_direct
debug1: Connecting to 10.10.1.222 [10.10.1.222] port 22.
debug1: Connection established.
debug1: identity file /c/Users/Deker/.ssh/id_rsa type -1
debug1: identity file /c/Users/Deker/.ssh/id_rsa-cert type -1
debug1: identity file /c/Users/Deker/.ssh/id_dsa type -1
debug1: identity file /c/Users/Deker/.ssh/id_dsa-cert type -1
debug1: identity file /c/Users/Deker/.ssh/id_ecdsa type -1
debug1: identity file /c/Users/Deker/.ssh/id_ecdsa-cert type -1
debug1: identity file /c/Users/Deker/.ssh/id_ecdsa_sk type -1
debug1: identity file /c/Users/Deker/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /c/Users/Deker/.ssh/id_ed25519 type -1
debug1: identity file /c/Users/Deker/.ssh/id_ed25519-cert type -1
debug1: identity file /c/Users/Deker/.ssh/id_ed25519_sk type -1
debug1: identity file /c/Users/Deker/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /c/Users/Deker/.ssh/id_xmss type -1
debug1: identity file /c/Users/Deker/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2p1 Ubuntu-4
debug1: match: OpenSSH_8.2p1 Ubuntu-4 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 10.10.1.222:22 as 'deker'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
debug2: host key algorithms: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ssh-ed25519,[email protected],rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],aes128-cbc,3des-cbc,aes256-cbc,aes192-cbc
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],aes128-cbc,3des-cbc,aes256-cbc,aes192-cbc
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,[email protected],zlib
debug2: compression stoc: none,[email protected],zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,[email protected]
debug2: compression stoc: none,[email protected]
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:BbeOXU9GQubTOCVJmzlQEuTt0OIhh8IDcJGzT47NQLY
debug1: Host '10.10.1.222' is known and matches the ECDSA host key.
debug1: Found key in /c/Users/Deker/.ssh/known_hosts:2
debug2: set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /c/Users/Deker/.ssh/id_rsa
debug1: Will attempt key: /c/Users/Deker/.ssh/id_dsa
debug1: Will attempt key: /c/Users/Deker/.ssh/id_ecdsa
debug1: Will attempt key: /c/Users/Deker/.ssh/id_ecdsa_sk
debug1: Will attempt key: /c/Users/Deker/.ssh/id_ed25519
debug1: Will attempt key: /c/Users/Deker/.ssh/id_ed25519_sk
debug1: Will attempt key: /c/Users/Deker/.ssh/id_xmss
debug2: pubkey_prepare: done
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,[email protected],ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected]>
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /c/Users/Deker/.ssh/id_rsa
debug1: Trying private key: /c/Users/Deker/.ssh/id_dsa
debug1: Trying private key: /c/Users/Deker/.ssh/id_ecdsa
debug1: Trying private key: /c/Users/Deker/.ssh/id_ecdsa_sk
Enter passphrase for key '/c/Users/Deker/.ssh/id_ecdsa_sk':
debug1: start_helper: starting /usr/lib/ssh/ssh-sk-helper
debug1: ssh-sk-helper: ready to sign with key ECDSA-SK, provider /usr/bin/winhello.dll: msg len 247, compat 0x4000000
debug1: sshsk_sign: provider "/usr/bin/winhello.dll", key ECDSA-SK, flags 0x01
debug1: sshsk_open: provider /usr/bin/winhello.dll implements version 0x001c0000
Provider "/usr/bin/winhello.dll" implements unsupported version 0x001c0000 (supported: 0x00040000)
debug1: ssh-sk-helper: Signing failed: invalid format
debug1: ssh-sk-helper: reply len 8
debug1: client_converse: helper returned error -4
debug1: identity_sign: sshkey_sign: invalid format
sign_and_send_pubkey: signing failed for ECDSA-SK "/c/Users/Deker/.ssh/id_ecdsa_sk": invalid format
debug1: Trying private key: /c/Users/Deker/.ssh/id_ed25519
debug1: Trying private key: /c/Users/Deker/.ssh/id_ed25519_sk
debug1: Trying private key: /c/Users/Deker/.ssh/id_xmss
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
[email protected]'s password:

Any thoughts or additional help are greatly appreciated.

@tavrez
Copy link
Owner

tavrez commented Jun 1, 2020

Your first run shows that ssh found your key, but when it's tried to communicate with it, it got no answer, something must be wrong with the key or it's softwares(driver, configuration,...)

debug1: find_device: found key
debug1: ssh_sk_sign: fido_dev_get_assert: FIDO_ERR_ACTION_TIMEOUT

Could you please tell me:

  1. When you test FIDO in your browser, what will happen? If it's working at all, and if it's working, how the authentication dialog look like, is it like the one I provided in gif in readme, or it look likes something else (for example go to Yubikey FIDO Demo site)
  2. Have you changed any option for your yubikey in YubiKey Manager app? Disabling U2F and/or FIDO2

I'm working on a new release for OpenSSH 8.3 which doesn't need modified ssh-sk-helper, I'll add more debug information to module to see what is wrong with your configs

@tavrez
Copy link
Owner

tavrez commented Jun 2, 2020

I just remembered another thing:
Did you use no-touch-required option when you tried to generate your key? This can lead to problems
Edit: nvm, checked your flags, it’s not the case

@rdeker
Copy link
Author

rdeker commented Jun 5, 2020

Reza,

  1. The FIDO/U2F test from Firefox on a Win10 VM works fine.
  2. No. I'm using the defaults in the YubiKey for FIDO/U2F. I do also have a cert loaded into the PIV app for another project, but that shouldn't be an issue, correct? Also, you are correct, I did not use the no-touch-required option.

@jschwina
Copy link

I seem to be having the same or a similar issue. With the current version (1.0 RC), I get an error when I try to use or generate a key:

init_winhello: WinHello API Error: Version=2, Is user available=0, user=0

I'm on 20H1, I can use FIDO from a browser (I've tried Firefox, Chrome, and Edge) without any issue, and I did not use the no-touch-required option when trying to generate a key. I've also tried two different FIDO2 keys with the same result.

@tavrez
Copy link
Owner

tavrez commented Jun 20, 2020

@rdeker firefox has two implementation for accessing fido keys, can you show me the screenshot of your browser when web application ask for the key? Or just confirm it's same as the one I posted in README file.
also, version 1.0 is availble for OpenSSH 8.3, it has more debug output.

@tavrez
Copy link
Owner

tavrez commented Jun 20, 2020

@jschwina Can you also post screenshot of your browser when it's asking for key?
And please, could you tell me if internal implementation of OpenSSH for FIDO keys are working for you? (with administrator privileges)

@jschwina
Copy link

jschwina commented Jun 24, 2020

Sure, it's the Windows Hello implementation:
image

And yes, the internal implementation of OpenSSH for FIDO keys works fine with administrator privileges.

@JohnVillalovos
Copy link

No idea if useful but Yubico has a Python implementation of interacting with the U2F key in Windows:

https://github.com/Yubico/python-fido2/blob/master/fido2/client.py#L647-L752

https://github.com/Yubico/python-fido2

Under Windows 10 (1903 or later) access to FIDO devices is restricted and requires running as Administrator. This library can still be used when running as non-administrator, via the fido.client.WindowsClient class. An example of this is included in the file examples/credential.py.

@tavrez
Copy link
Owner

tavrez commented Jul 5, 2020

It is not so different with what I did, my code is inspired by Google Chrome and Firefox source code. When this module is not working and browsers are working at the same time, there most be some settings preventing this module from accessing WinHello platform(maybe because of being an unsigned app)
Since I cannot reproduce the issue I’m gonna release a version and remove the check which is failing to see if users with problem can use it or not.

@JohnVillalovos
Copy link

@tavrez Off-topic: Since you know way much more about this than me. Do you know if this could be done in Pageant for something like PuTTY? Can the ssh-agent do all the work and the ssh client not need to be modified? I'm guessing no, but was hopeful it might be a yes and then could create an ssh agent that could work with PuTTY, or in my case MobaXterm. Thanks!

@tavrez
Copy link
Owner

tavrez commented Jul 5, 2020

@rdeker @jschwina Please test version 1.0.1 report to me, thank you.

@tavrez
Copy link
Owner

tavrez commented Jul 5, 2020

@tavrez Off-topic: Since you know way much more about this than me. Do you know if this could be done in Pageant for something like PuTTY? Can the ssh-agent do all the work and the ssh client not need to be modified? I'm guessing no, but was hopeful it might be a yes and then could create an ssh agent that could work with PuTTY, or in my case MobaXterm. Thanks!

Some part of working with FIDO keys implemented inside ssh client and server, they need to know how to handle new key types(ecdsa-sk and ed25519-sk). Signing and verification process of these two keys are different with normal ecdsa and ed25519 so it can't be done using agent alone.
PuTTY should implement these keys first.

@jschwina
Copy link

jschwina commented Jul 7, 2020

@rdeker @jschwina Please test version 1.0.1 report to me, thank you.

1.0.1 is working fine for me. Log output is as follows:

init_winhello: WARNING! This should not be like this!
WinHello API Error: Version=2, Is user available=0, user=0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants