search

francoismichel / ssh3

SSH3: faster and rich secure shell using HTTP/3, checkout our article here: https://arxiv.org/abs/2312.08396 and our Internet-Draft: https://datatracker.ietf.org/doc/draft-michel-ssh3/
https://arxiv.org/abs/2312.08396
Apache License 2.0
3.18k stars 81 forks source link

Add support for passkeys #125

Open serianox opened 4 months ago

serianox commented 4 months ago

In the same vein as PKCS#11 #84 , SSH3 should provide first class support for passkeys and security keys.

See https://developers.yubico.com/SSH/Securing_SSH_with_FIDO2.html for the instructions on OpenSSH.

gedw99 commented 4 months ago

oh I was just going to raise this one also. thanks for raising it @serianox

https://github.com/Darkness4/auth-htmx is a great example of a golang web gui and passkeys working together and uses https://github.com/go-webauthn/webauthn

BTW, I started building a HTMX based GUI for managing ssh3, so if you like the htmx approach let me know and I will make a PR...

It's designed to make it easier to manage running an SSH3 Servers, by providing basic GUI aspects.

francoismichel commented 4 months ago

I would love having passkeys as well. :-) Still have to figure out how to store the passkeys public credentials o nthe server in a usual ssh-way. It'll probably end-up in the authorized_identities file.

BTW, I started building a HTMX based GUI for managing ssh3, so if you like the htmx approach let me know and I will make a PR...

Would be happy to have a look at it ! If there is a lot of code for the GUI, we may want to keep that in a separated repository but I could at least put a link to it in the README.