Last active
January 23, 2023 09:59
-
-
Save joostd/7857f9aceb99801de28fdd304c74c7cc to your computer and use it in GitHub Desktop.
How to build openssh with support for FIDO Security keys on Ubuntu 18.04
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo apt update | |
| sudo apt install -y cmake cmake-data pkgconf autoconf | |
| sudo apt install -y libssl-dev libudev-dev libcbor-dev libz-dev | |
| git clone https://github.com/Yubico/libfido2.git | |
| cd libfido2/ | |
| mkdir build | |
| (cd build && cmake ..) | |
| make -C build | |
| sudo make -C build install | |
| cd - | |
| git clone https://github.com/openssh/openssh-portable.git | |
| cd openssh-portable/ | |
| autoreconf | |
| ./configure | |
| make | |
| # skipping install for now | |
| cd - | |
| export SSH_SK_PROVIDER=/usr/local/lib/libsk-libfido2.so | |
| # server: | |
| echo "AuthorizedKeysFile .ssh/authorized_keys" > ./sshd_config | |
| ssh-keygen -t ecdsa -C"hostkey" -f ./host_ecdsa | |
| ${PWD}/openssh-portable/sshd -h ${PWD}/host_ecdsa -d -e -p 22222 -f ${PWD}/sshd_config | |
| # client | |
| ./openssh-portable/ssh-keygen -t ecdsa-sk -f id_ecdsa_sk | |
| # add client public key in id_ecdsa_sk.pub to ~/.ssh/authorized_keys on server | |
| ./openssh-portable/ssh -F /dev/null -p 22222 localhost -i id_ecdsa_sk |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment