Last active
February 11, 2024 13:35
-
-
Save joostd/efcd4abaa11304479aac7f322630b16d to your computer and use it in GitHub Desktop.
build libsk-libfido2 for use with Apple's build of OpenSSH on MacOS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# See https://gist.github.com/thelastlin/c45b96cf460919e39ab5807b6d20ac2a | |
set -e | |
# get source | |
if [[ ! -d openssh-portable ]] ; then | |
git clone https://github.com/openssh/openssh-portable.git | |
fi | |
cd openssh-portable | |
# patch | |
if [[ ! -f workaround-standalone-libsk.patch ]] ; then | |
wget https://gist.githubusercontent.com/thelastlin/c45b96cf460919e39ab5807b6d20ac2a/raw/d84ee70a8f0d8cf846ae8b9f1fa6a4071797123e/workaround-standalone-libsk.patch | |
patch < workaround-standalone-libsk.patch | |
fi | |
# use OpenSSL from brew | |
export LDFLAGS="-L/opt/homebrew/opt/[email protected]/lib" | |
export CPPFLAGS="-I/opt/homebrew/opt/[email protected]/include" | |
export PKG_CONFIG_PATH="/opt/homebrew/opt/[email protected]/lib/pkgconfig" | |
autoreconf | |
./configure | |
export LDFLAGS="$(grep ^LDFLAGS= Makefile|cut -d= -f2-)" | |
export LIBFIDO2="$(grep ^LIBFIDO2= Makefile|cut -d= -f2-)" | |
export CC="$(grep ^CC= Makefile|cut -d= -f2-)" | |
# build | |
make libssh.a CFLAGS="-O2 -fPIC" | |
make openbsd-compat/libopenbsd-compat.a CFLAGS="-O2 -fPIC" | |
make sk-usbhid.o CFLAGS="-O2 -DSK_STANDALONE -fPIC" | |
echo $LIBFIDO2 | xargs ${CC} -shared openbsd-compat/libopenbsd-compat.a sk-usbhid.o libssh.a -O2 -fPIC -o libsk-libfido2.so | |
# install | |
sudo cp libsk-libfido2.so /usr/local/lib/ | |
# test | |
/usr/bin/ssh-keygen -t ecdsa-sk -f ./id -N "" -w /usr/local/lib/libsk-libfido2.so | |
SSH_SK_PROVIDER=/usr/local/lib/libsk-libfido2.so /usr/bin/ssh -T [email protected] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment