3354 – Does the ssh-keygen have fidodevs vendor ID limitation？

Bug 3354 - Does the ssh-keygen have fidodevs vendor ID limitation？

Summary: Does the ssh-keygen have fidodevs vendor ID limitation？

Status:	CLOSED INVALID

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	ssh-keygen (show other bugs)
Version:	8.7p1
Hardware:	All Windows 10

Importance:	P5 critical
Assignee:	Assigned to nobody

URL:
Keywords:

Depends on:
Blocks:

Reported:	2021-10-11 19:34 AEDT by Chiwai Chan
Modified:	2022-02-25 13:57 AEDT (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Chiwai Chan 2021-10-11 19:34:02 AEDT

1.The vendor ID of the fido device is 0x1ea8. The product ID of fido device is 0xfc25.
2.Using "ssh-keygen -t ecdsa-sk" to generate a keypair is fail, it report "invalid format". Can't capture fault of the usb protocol. Can't capture any ctap commands sended to the device.
3.A yubikey is successful.

Comment 1 Damien Miller 2021-10-12 11:45:25 AEDT

Are you using Microsoft's OpenSSH port or Cygwin?

OpenSSH doesn't have any vendor restrictions on FIDO devices

Comment 2 Chiwai Chan 2021-10-12 12:16:10 AEDT

(In reply to Damien Miller from comment #1)
> Are you using Microsoft's OpenSSH port or Cygwin?
> 
> OpenSSH doesn't have any vendor restrictions on FIDO devices

It is git version 2.33.0.windows.2.

Comment 3 Damien Miller 2021-10-12 12:51:13 AEDT

I have no idea at all how git's ssh implementation is plumbed into Windows' FIDO - I recommend you ask the git-for-windows distributor

Comment 4 Damien Miller 2021-12-08 15:29:04 AEDT

Problem is in vendor packaging of OpenSSH

Comment 5 Damien Miller 2022-02-25 13:57:18 AEDT

closing bugs resolved before openssh-8.9