Manouchehri · March 22, 2022 13:01
diff --git a/gistfile1.txt b/gistfile1.txt
 dave@armie:~ $ ssh-keygen -vvv -t ecdsa-sk -O no-touch-required -N "" -C "$(date +'%Y%m%d')-google1" -f /tmp/google1
 Generating public/private ecdsa-sk key pair.
 You may need to touch your authenticator to authorize key generation.
 debug3: start_helper: started pid=18011
 debug3: ssh_msg_send: type 5
 debug3: ssh_msg_recv entering
 debug1: start_helper: starting /usr/lib/openssh/ssh-sk-helper
 debug1: sshsk_enroll: provider "internal", device "(null)", application "ssh:", userid "(null)", flags 0x00, challenge len 0
 debug1: sshsk_enroll: using random challenge
 debug1: sk_probe: 1 device(s) detected
 debug1: sk_probe: selecting sk by touch
 debug1: ssh_sk_enroll: using device /dev/hidraw0
 debug3: ssh_sk_enroll: attestation cert len=349
 debug3: ssh_sk_enroll: authdata len=198
 debug1: ssh-sk-helper: reply len 870
 debug3: ssh_msg_send: type 5
 debug3: reap_helper: pid=18011
 Your identification has been saved in /tmp/google1
 Your public key has been saved in /tmp/google1.pub
 The key fingerprint is:
 SHA256:bRd0heZ9XzWnT2OS7p9OwX32xAEE15HGRdIkMVlEpJM 20220322-google1
 The key's randomart image is:
 +-[ECDSA-SK 256]--+
 |           .++O#&|
 |           ...=%+|
 |            .oE++|
 |         .   ++=B|
 |        S o o o=@|
 |         . . . o*|
 |            .  ..|
 |             .. .|
 |              o+ |
 +----[SHA256]-----+
 dave@armie:~ $ ssh-keygen -vvv -O no-touch-required -Y sign -f /tmp/google1 -n file trash1.txt
 debug1: Couldn't get agent socket: agent not present
 Signing file trash1.txt
 debug2: hash_file: hashed 6 bytes
 debug3: hash_file: final hash: e7c22b994c59d9cf2b48e549b1e24666636045930d3da7c1acb299d1c3b7f931f94aae41edda2c2b207a36e10f8bcb8d45223e54878f5b316e7ce3b6bc019629
 debug3: start_helper: started pid=18013
 debug3: ssh_msg_send: type 5
 debug3: ssh_msg_recv entering
 debug1: start_helper: starting /usr/lib/openssh/ssh-sk-helper
 debug1: ssh-sk-helper: ready to sign with key ECDSA-SK, provider internal: msg len 96, compat 0x0
 debug1: sshsk_sign: provider "internal", key ECDSA-SK, flags 0x00
 debug1: sk_probe: 1 device(s) detected
 debug1: sk_probe: selecting sk by cred
 debug1: ssh_sk_sign: fido_dev_get_assert: FIDO_ERR_USER_PRESENCE_REQUIRED
 debug1: sshsk_sign: sk_sign failed with code -1
 debug1: ssh-sk-helper: Signing failed: invalid format
 debug1: ssh-sk-helper: reply len 8
 debug3: ssh_msg_send: type 5
 debug1: client_converse: helper returned error -4
 debug3: reap_helper: pid=18013
 Couldn't sign message: invalid format
 Signing trash1.txt failed: invalid format
	dave@armie:~ $ ssh-keygen -vvv -t ecdsa-sk -O no-touch-required -N "" -C "$(date +'%Y%m%d')-google1" -f /tmp/google1
	Generating public/private ecdsa-sk key pair.
	You may need to touch your authenticator to authorize key generation.
	debug3: start_helper: started pid=18011
	debug3: ssh_msg_send: type 5
	debug3: ssh_msg_recv entering
	debug1: start_helper: starting /usr/lib/openssh/ssh-sk-helper
	debug1: sshsk_enroll: provider "internal", device "(null)", application "ssh:", userid "(null)", flags 0x00, challenge len 0
	debug1: sshsk_enroll: using random challenge
	debug1: sk_probe: 1 device(s) detected
	debug1: sk_probe: selecting sk by touch
	debug1: ssh_sk_enroll: using device /dev/hidraw0
	debug3: ssh_sk_enroll: attestation cert len=349
	debug3: ssh_sk_enroll: authdata len=198
	debug1: ssh-sk-helper: reply len 870
	debug3: ssh_msg_send: type 5
	debug3: reap_helper: pid=18011
	Your identification has been saved in /tmp/google1
	Your public key has been saved in /tmp/google1.pub
	The key fingerprint is:
	SHA256:bRd0heZ9XzWnT2OS7p9OwX32xAEE15HGRdIkMVlEpJM 20220322-google1
	The key's randomart image is:
	+-[ECDSA-SK 256]--+
	\| .++O#&\|
	\| ...=%+\|
	\| .oE++\|
	\| . ++=B\|
	\| S o o o=@\|
	\| . . . o*\|
	\| . ..\|
	\| .. .\|
	\| o+ \|
	+----[SHA256]-----+
	dave@armie:~ $ ssh-keygen -vvv -O no-touch-required -Y sign -f /tmp/google1 -n file trash1.txt
	debug1: Couldn't get agent socket: agent not present
	Signing file trash1.txt
	debug2: hash_file: hashed 6 bytes
	debug3: hash_file: final hash: e7c22b994c59d9cf2b48e549b1e24666636045930d3da7c1acb299d1c3b7f931f94aae41edda2c2b207a36e10f8bcb8d45223e54878f5b316e7ce3b6bc019629
	debug3: start_helper: started pid=18013
	debug3: ssh_msg_send: type 5
	debug3: ssh_msg_recv entering
	debug1: start_helper: starting /usr/lib/openssh/ssh-sk-helper
	debug1: ssh-sk-helper: ready to sign with key ECDSA-SK, provider internal: msg len 96, compat 0x0
	debug1: sshsk_sign: provider "internal", key ECDSA-SK, flags 0x00
	debug1: sk_probe: 1 device(s) detected
	debug1: sk_probe: selecting sk by cred
	debug1: ssh_sk_sign: fido_dev_get_assert: FIDO_ERR_USER_PRESENCE_REQUIRED
	debug1: sshsk_sign: sk_sign failed with code -1
	debug1: ssh-sk-helper: Signing failed: invalid format
	debug1: ssh-sk-helper: reply len 8
	debug3: ssh_msg_send: type 5
	debug1: client_converse: helper returned error -4
	debug3: reap_helper: pid=18013
	Couldn't sign message: invalid format
	Signing trash1.txt failed: invalid format