search

tavrez / openssh-sk-winhello

A helper for OpenSSH to interact with FIDO2 and U2F security keys through native Windows Hello API
GNU Lesser General Public License v3.0
184 stars 14 forks source link

Query regarding non-admin functionality #2

Closed gettheguru closed 4 years ago

gettheguru commented 4 years ago

Hello,

First and foremost - thank you for releasing this interesting project to the open source community.

I understand through reading your project that you can interact with the FIDO/U2F keys without Administrator privileges by using the Windows Hello API.

Can you confirm for me whether you can use this project entirely without Administrator rights? e.g. not running Git for Windows as Administrator.

Can you also let me know if there is any implementation option using this using WSL2? I understand Git for Windows uses POSIX which is being deprecated.

My goal is to be able to enable FIDO/U2F (or PIV Smart Card) authentication from Windows 10 Enterprise hosts to Linux systems. Unfortunately the OpenSSH implementation in Powershell is woefully out of date.

tavrez commented 4 years ago

Hello, Sorry for late answer. About administrator privileges, yes you can use this without any administrator privileges, this project implementation is same as browsers like firefox and chrome. About WSL, I know fido keys are not working in WSL1, I'm not sure about WSL2

tavrez commented 3 years ago

@gettheguru If you are still interested in using this project inside WSL(both 1&2), I've added brief description in WSL.md