Can't generate SSH ed25519-sk key

I'm trying to generate an ed25519-sk SSH key in Ubuntu 20.04.03 LTS. However, I get a 255 error code when I try. I'm using OpenSSH version: OpenSSH_8.2p1 Ubuntu-4ubuntu0.3, OpenSSL 1.1.1f 31 Mar 2020. See below for the command I'm using and its output:

$ ssh-keygen -vvv -t ed25519-sk
Generating public/private ed25519-sk key pair.
You may need to touch your authenticator to authorize key generation.
debug3: start_helper: started pid=12407
debug3: ssh_msg_send: type 5
debug3: ssh_msg_recv entering
debug1: start_helper: starting /usr/lib/openssh/ssh-sk-helper 
debug1: sshsk_enroll: provider "internal", device "(null)", application "ssh:", userid "(null)", flags 0x01, challenge len 0
debug1: sshsk_enroll: using random challenge
debug1: ssh_sk_enroll: using device /dev/hidraw9
debug1: ssh_sk_enroll: fido_dev_make_cred: FIDO_ERR_INVALID_ARGUMENT
debug1: sshsk_enroll: provider "internal" returned failure -1
debug1: ssh-sk-helper: Enrollment failed: invalid format
debug1: ssh-sk-helper: reply len 8
debug3: ssh_msg_send: type 5
debug1: client_converse: helper returned error -4
debug3: reap_helper: pid=12407
Key enrollment failed: invalid format

However, generating an ecdsa-sk SSH key works without an issue:

$ ssh-keygen -vvv -t ecdsa-sk
Generating public/private ecdsa-sk key pair.
You may need to touch your authenticator to authorize key generation.
debug3: start_helper: started pid=12509
debug3: ssh_msg_send: type 5
debug3: ssh_msg_recv entering
debug1: start_helper: starting /usr/lib/openssh/ssh-sk-helper 
debug1: sshsk_enroll: provider "internal", device "(null)", application "ssh:", userid "(null)", flags 0x01, challenge len 0
debug1: sshsk_enroll: using random challenge
debug1: ssh_sk_enroll: using device /dev/hidraw9
debug3: ssh_sk_enroll: attestation cert len=349
debug1: ssh-sk-helper: reply len 669
debug3: ssh_msg_send: type 5
debug3: reap_helper: pid=12509
Enter file in which to save the key (/home/username/.ssh/id_ecdsa_sk): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/username/.ssh/id_ecdsa_sk
Your public key has been saved in /home/username/.ssh/id_ecdsa_sk.pub
The key fingerprint is:
SHA256:H9n8rBxJUB9Gdk9QfSKY8hhKX9ufBlD5rX9iZk18rYw username@hostname
The key's randomart image is:
+-[ECDSA-SK 256]--+
|           +oo*o=|
|      . o =.o+.++|
|     . o *.+ o.oo|
|      . o o=o . .|
|        S o +o +.|
|         . o += =|
|          . o+o=.|
|           .EoB +|
|            o+ ..|
+----[SHA256]-----+

Am I doing something wrong, or is this a bug? If this is a bug, are there any known workarounds?

Thanks!
