Bug 3354

Summary: Does the ssh-keygen have fidodevs vendor ID limitation?
Product: Portable OpenSSH Reporter: Chiwai Chan <czwmaple>
Component: ssh-keygenAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED INVALID    
Severity: critical CC: djm
Priority: P5    
Version: 8.7p1   
Hardware: All   
OS: Windows 10   

Description Chiwai Chan 2021-10-11 19:34:02 AEDT 
1.The vendor ID of the fido device is 0x1ea8. The product ID of fido device is 0xfc25.
2.Using "ssh-keygen -t ecdsa-sk" to generate a keypair is fail, it report "invalid format". Can't capture fault of the usb protocol. Can't capture any ctap commands sended to the device.
3.A yubikey is successful.
Comment 1 Damien Miller 2021-10-12 11:45:25 AEDT 
Are you using Microsoft's OpenSSH port or Cygwin?

OpenSSH doesn't have any vendor restrictions on FIDO devices
Comment 2 Chiwai Chan 2021-10-12 12:16:10 AEDT 
(In reply to Damien Miller from comment #1)
> Are you using Microsoft's OpenSSH port or Cygwin?
> 
> OpenSSH doesn't have any vendor restrictions on FIDO devices

It is git version 2.33.0.windows.2.
Comment 3 Damien Miller 2021-10-12 12:51:13 AEDT 
I have no idea at all how git's ssh implementation is plumbed into Windows' FIDO - I recommend you ask the git-for-windows distributor
Comment 4 Damien Miller 2021-12-08 15:29:04 AEDT 
Problem is in vendor packaging of OpenSSH
Comment 5 Damien Miller 2022-02-25 13:57:18 AEDT 
closing bugs resolved before openssh-8.9