FIDO2 (CTAP2) or FIDO1 (CTAP1)?

[nekrondev]

It's a bit unclear to me what protocol version you implemented? Is it FIDO U2F (CTAP1) or the never updated FIDO2 (CTAP2) which allows passwordless login?

Cheers, Nek

PS: Another U2F (CTAP1) POC can be found at https://github.com/kyprizel/u2femu which I successfully run on USB Armory Mk II.

[gsora]

master implements CTAP 1, I'm working on a CTAP 2-compatible version though.

This package also implements a bare-metal U2F token, does not need Linux because uses the Tamago compiler.

[nekrondev]

Thanks for your information, I will stay tuned and look out for CTAP2 protocol support. Using TinyGo and bare-metal U2F is really great, however I installed Debian Buster based OS on SD card to have other things running on the USB Armory Mk II like https://github.com/moul/sshportal which acts as a jump portal to access SSH servers so I am still using Linux HID configuration to get CTAP working.

[abarisani]

FYI this works fine with GoKey+fidati: https://wiki.archlinux.org/index.php/Universal_2nd_Factor#OpenSSH