lukeross
commented
4 years ago I'm also interested in U2F support for TermBot, and have forked and added some basic support. It's currently reeeally rough, but is good enough for me to be able to log in to an OpenSSH 8.2 server using a blue Yubico NFC Security Key. I plan to try and improve it a bit, time permitting.
Main limitations right now: you must import an existing "sk-ecdsa-sha2-nistp256@openssh.com" key (cannot generate yet), and it must have a password on the imported key. I also think something's not quite right in my use of the hwsecurity UI flow as the on-screen keyboard only kicks in when I press the back button after logging in. To build it requires custom versions of sshlib and hwsecurity :disappointed: - it's on my github if interested.
(Minor detail - I had originally wanted to use the Google Play Services FIDO support, but as far as I can tell it's just not flexible enough to support SSH, being closely tied to WebAuthn)
NullSense
dschuermann
OpenSSH recently got support for using U2F/FIDO security keys for authentication. It would be nice to be able to use such keys when SSHing from Android devices.
https://marc.info/?l=openssh-unix-dev&m=157259802529972&w=2 https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.u2f