Open zpc0 opened 4 months ago
When I changed This line to the following, fido2-token detects the device.
bus = BUS.USB
But I don't understand why...
@zpc0 is that enough to make OpenSSH work?
Also this might be because Bluetooth is not considered sufficiently secure.
@zpc0 is that enough to make OpenSSH work?
Sadly, no.
After the bus = BUS.USB
change,
[user@disp1293 ~]$ fido2-token -L
/dev/hidraw0: vendor=0xf055, product=0xf1d0 ( )
[user@disp1293 ~]$ fido2-token -I /dev/hidraw0
proto: 0x02
major: 0x02
minor: 0x00
build: 0x05
caps: 0x00 (nowink, nocbor, msg)
[user@disp1293 ~]$ ssh-keygen -t ecdsa-sk
Generating public/private ecdsa-sk key pair.
You may need to touch your authenticator to authorize key generation.
Key enrollment failed: invalid format
[user@disp1293 ~]$ ssh-keygen -t ecdsa-sk -O resident
Generating public/private ecdsa-sk key pair.
You may need to touch your authenticator to authorize key generation.
Key enrollment failed: requested feature not supported
[user@disp1293 ~]$
Qubes OS release
R4.2 with latest testing update
Brief summary
Software using libfido2 cannot detect CTAP proxy device.
Steps to reproduce
fido2-tools
fido2-token -L
Expected behavior
fido2-token detects CTAP proxy.
Actual behavior
nothing detected.