Last active
January 26, 2022 11:05
-
-
Save martelletto/6a7cf806c6433ac9ce71d66afb94d70e to your computer and use it in GitHub Desktop.
powershell/openssh-portable + FIDO2 build instructions
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1. Building | |
| 1.1 Open Windows PowerShell. | |
| 1.2 Create a workspace folder: | |
| > mkdir workspace | |
| 1.3 Set the WORKSPACE environment variable: | |
| > $Env:WORKSPACE = 'C:\Users\pedro\workspace\' | |
| 1.4 Set the VS140COMNTOOLS environment variable: | |
| > $Env:VS140COMNTOOLS = 'C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\' | |
| 1.5 Clone martelletto/openssh-portable's fido2 branch: | |
| > git clone --branch fido2 https://github.com/martelletto/openssh-portable | |
| 1.6 Build OpenSSH for Windows: | |
| > .\openssh-portable\contrib\win32\openssh\OpenSSH-build.ps1 | |
| 2. Pointing PowerShell to the ssh built in the previous step | |
| 2.1 Prepend PATH: | |
| > $Env:PATH = "C:\Users\pedro\openssh-portable\OpenSSH-Win64_symbols\;" + $Env:PATH | |
| 2.2 Check ssh's version string: | |
| > ssh -V | |
| OpenSSH_for_Windows_8.6p1, LibreSSL 3.3.3 | |
| 3. Testing key generation | |
| 3.1 Create a ecdsa-sk credential on a security key: | |
| > ssh-keygen -t ecdsa-sk | |
| 3.2 Configure the ssh public key (C:\Users\pedro\.ssh\id_ecdsa_sk.pub) in GitHub. | |
| 4. Testing standalone ssh in PowerShell | |
| > ssh [email protected] | |
| <type enter to force ssh to request a shell> | |
| Hi martelletto! You've successfully authenticated, but GitHub does not provide shell access. | |
| 5. Testing git + ssh in PowerShell | |
| 5.1 Set the GIT_SSH environment variable: | |
| > $Env:GIT_SSH = 'C:\Users\pedro\openssh-portable\OpenSSH-Win64_symbols\ssh.exe' | |
| 5.2 Clone a repository (can be public) over ssh: | |
| > git clone ssh://[email protected]/yubico/libfido2 | |
| 6. Pointing WSL2 to the ssh built in step 1.6 | |
| 6.1 Prepend PATH: | |
| $ export PATH=/mnt/c/Users/pedro/openssh-portable/OpenSSH-Win64_symbols/:$PATH | |
| 6.2 Check ssh's version string: | |
| $ ssh.exe -V | |
| OpenSSH_for_Windows_8.6p1, LibreSSL 3.3.3 | |
| 7. Testing standalone ssh in WSL2 | |
| > ssh.exe [email protected] | |
| <type enter to force ssh to request a shell> | |
| Hi martelletto! You've successfully authenticated, but GitHub does not provide shell access. | |
| 8. Testing git + ssh in WSL2 | |
| 8.1 Set the GIT_SSH environment variable: | |
| $ export GIT_SSH=/mnt/c/Users/pedro/openssh-portable/OpenSSH-Win64_symbols/ssh.exe | |
| 8.2 Clone a repository (can be public) over ssh: | |
| $ git clone ssh://[email protected]/yubico/libfido2 |
Still getting this error:
ssh-keygen -t ecdsa-sk Generating public/private ecdsa-sk key pair. You may need to touch your authenticator to authorize key generation. Key enrollment failed: invalid format
i was still using administrator account. with the user account it is working.
usage of ssh-add is still not possible with _sk keys, right?
That’s right.
… On 23 Oct 2021, at 14:26, bierdosenhalter ***@***.***> wrote:
***@***.*** commented on this gist.
usage of ssh-add is still not possible with _sk keys, right?
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub, or unsubscribe.
Triage notifications on the go with GitHub Mobile for iOS or Android.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Still getting this error: