tpm2-software / tpm2-pkcs11

A PKCS#11 interface for TPM2 hardware
https://tpm2-software.github.io

Cannot export public key #592

Open SharkyRawr opened 4 years ago

SharkyRawr commented 4 years ago

Hi, I've been following this guide https://incenp.org/notes/2020/tpm-based-ssh-key.html and everything seems to work okay up to the point of exporting the generated pubkey:

# tpm2_ptool addkey --algorithm=rsa2048 --label=luna --userpin=1234
action: add
private:
  CKA_ID: '39326133346---snip'
public:
  CKA_ID: '39326133346---snip'

# ssh-keygen -D /usr/lib64/pkcs11/libtpm2_pkcs11.so > key.pub
invalid attribute length
failed to fetch key
Enter PIN for 'luna': 
invalid attribute length
failed to fetch key
cannot read public key from pkcs11

Running on Fedora Silverblue 32

tpm2-tss-2.4.2-1.fc32.x86_64
tpm2-pkcs11-1.3.2-1.fc32.x86_64
tpm2-tss-engine-1.0.1-2.fc32.x86_64
tpm2-pkcs11-tools-1.3.2-1.fc32.x86_64
tpm2-abrmd-selinux-2.3.1-1.fc32.noarch
tpm2-abrmd-2.3.2-1.fc32.x86_64
tpm2-tools-4.1.3-1.fc32.x86_64
tpm2-tss-engine-utilities-1.0.1-2.fc32.x86_64

This is all I could find in dmesg regarding the TPM2 module:

tpm_tis MSFT0101:00: 2.0 TPM (device-id 0xFC, rev-id 1)

I don't know how to debug this and any help would be greatly appreciated. :)

williamcroberts commented 4 years ago

I have no idea; our README should have details on our mailing list. I would post there.

I would try to get it in a debugger and find where it's failing. I would also suggest cranking up the verbosity on ssh-keygen to see if it provides us a better error message, but I don't see any option that would allow for that.

williamcroberts commented 3 years ago

@SharkyRawr did you ever figure this out?

SharkyRawr commented 3 years ago

Sadly no. I reinstalled my laptop with Manjaro and am getting better error messages though:

~ >>> ssh-keygen -D /usr/lib/pkcs11/libtpm2_pkcs11.so > key.pub                                   [130]
WARNING:fapi:src/tss2-fapi/ifapi_io.c:282:ifapi_io_check_create_dir() Directory /home/fynne//.local/share/tpm2-tss/user/keystore does not exist, creating 
WARNING:fapi:src/tss2-fapi/ifapi_io.c:282:ifapi_io_check_create_dir() Directory /var/lib/tpm2-tss/system/keystore/policy does not exist, creating 
ERROR:fapi:src/tss2-fapi/ifapi_helpers.c:986:create_dirs() mkdir not possible: -1 /var/lib/tpm2-tss/system/keystore/policy 
ERROR:fapi:src/tss2-fapi/ifapi_helpers.c:1013:ifapi_create_dirs() ErrorCode (0x0006000b) Create directories for /var/lib/tpm2-tss/system/keystore/policy 
ERROR:fapi:src/tss2-fapi/ifapi_io.c:285:ifapi_io_check_create_dir() ErrorCode (0x0006000b) Directory /var/lib/tpm2-tss/system/keystore/policy can't be created. 
ERROR:fapi:src/tss2-fapi/ifapi_policy_store.c:114:ifapi_policy_store_initialize() ErrorCode (0x0006000b) Policy directory /var/lib/tpm2-tss/system/keystore/policy can't be created. 
ERROR:fapi:src/tss2-fapi/api/Fapi_Initialize.c:212:Fapi_Initialize_Finish() ErrorCode (0x0006000b) Keystore could not be initialized. 
~ >>> sudo ssh-keygen -D /usr/lib/pkcs11/libtpm2_pkcs11.so > key.pub                                   
WARNING:fapi:src/tss2-fapi/ifapi_io.c:282:ifapi_io_check_create_dir() Directory /root//.local/share/tpm2-tss/user/keystore does not exist, creating 
WARNING:fapi:src/tss2-fapi/ifapi_io.c:282:ifapi_io_check_create_dir() Directory /var/lib/tpm2-tss/system/keystore/policy does not exist, creating 
ERROR:fapi:src/tss2-fapi/api/Fapi_List.c:221:Fapi_List_Finish() FAPI not provisioned. 
ERROR:fapi:src/tss2-fapi/api/Fapi_List.c:81:Fapi_List() ErrorCode (0x00060034) Entities_List 
ERROR: Listing FAPI token objects failed.
cannot read public key from pkcs11
~ >>> ssh-keygen -D /usr/lib/pkcs11/libtpm2_pkcs11.so > key.pub                                   [255]
ERROR:fapi:src/tss2-fapi/api/Fapi_List.c:221:Fapi_List_Finish() FAPI not provisioned. 
ERROR:fapi:src/tss2-fapi/api/Fapi_List.c:81:Fapi_List() ErrorCode (0x00060034) Entities_List 
ERROR: Listing FAPI token objects failed.
~ >>> 
SharkyRawr commented 3 years ago

I managed to break my laptop's UEFI BIOS by trying to reset the TPM module from Linux. I ended up scrambling for a flashing tool and update file and reflashing everything, resetting to defaults, then clearing the TPM module and going through the tutorial steps again... and it just works. ._. I'm still getting the FAPI error, but it works; I can ssh using the TPM module:

~ >>> ssh -A root@luna                                                                                 
ERROR:fapi:src/tss2-fapi/api/Fapi_List.c:221:Fapi_List_Finish() FAPI not provisioned. 
ERROR:fapi:src/tss2-fapi/api/Fapi_List.c:81:Fapi_List() ErrorCode (0x00060034) Entities_List 
ERROR: Listing FAPI token objects failed.
The authenticity of host 'luna.hackr.org (46.4.98.16)' can't be established.
ECDSA key fingerprint is SHA256:Y5AFB/6jjnq0yayJOOs99ZsOxThlMAXbzvcgPH4LqRQ.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'luna.hackr.org' (ECDSA) to the list of known hosts.
Enter PIN for 'sophie': 
Linux luna.catgirl.biz 5.4.65-1-pve #1 SMP PVE 5.4.65-1 (Mon, 21 Sep 2020 15:40:22 +0200) x86_64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Fri Oct 16 05:31:00 2020 from 77.snip
Welcome to fish, the friendly interactive shell
root@luna ~# 
williamcroberts commented 3 years ago

The FAPI error is harmless:

ERROR:fapi:src/tss2-fapi/api/Fapi_List.c:221:Fapi_List_Finish() FAPI not provisioned. 
ERROR:fapi:src/tss2-fapi/api/Fapi_List.c:81:Fapi_List() ErrorCode (0x00060034) Entities_List 
ERROR: Listing FAPI token objects failed.

It comes from not having FAPI enabled on your system; you can ignore it, or perhaps turn it off in the logging for the tpm2-tss library.

I'm not sure if they have an option in there to turn it off... But if you want to get FAPI provisioned, use the tss2_provision command from tpm2-tools. If it doesn't work, send an email to our mailing list mentioned in the README for support.

dnoliver commented 3 years ago

I ran into this issue as well. The problem seems to be Fedora.

There are some hints about what may be happening here https://www.mail-archive.com/debian-ssh@lists.debian.org/msg08846.html

I haven't looked very far into this yet, but as far as I can tell that Fedora bug is not the same thing. Fedora carries a patch set that asks for the CKA_LABEL attribute, and that bug was because it was (apparently incorrectly) requiring that attribute to have non-zero length.

It is reproducible using containers, so there is no problem with the actual TPM.

Using an ubuntu 18.04 container, with the libraries compiled from source, I get the following:

+ ssh-keygen -D /usr/local/lib/libtpm2_pkcs11.so
+ tee my.pub
WARNING:fapi:src/tss2-fapi/ifapi_io.c:282:ifapi_io_check_create_dir() Directory /root//.local/share/tpm2-tss/user/keystore does not exist, creating
WARNING:fapi:src/tss2-fapi/ifapi_io.c:282:ifapi_io_check_create_dir() Directory /usr/local/var/lib/tpm2-tss/system/keystore/policy does not exist, creating
ERROR:fapi:src/tss2-fapi/api/Fapi_List.c:221:Fapi_List_Finish() FAPI not provisioned.
ERROR:fapi:src/tss2-fapi/api/Fapi_List.c:81:Fapi_List() ErrorCode (0x00060034) Entities_List
ERROR: Listing FAPI token objects failed.
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCxKicVrhCX+K0ksWBd8Fg9S8wz9ie8NR1rk9WNj5p3YIEweGTNhNh+U6adF6U2PFGBuPee8UFzrtTeMfXm+ptMvC8md9YydO3vPeMYFl1b3pb44s9LH3g4ODihCBmdNLUzulj7xUpi9z9fZDhM2UVHRcvIJynjbrrv3QDHz7m0L825xobmzzPkzqhlsVe9xAecPpyfrz77t6nnREi+cLsWv0j3vEZ7WDC63HVuKZ5oUrDt8ACBsqORhgoSEt73/7ls5qGTM+1aTEd4kidcMEUInGupdnVjYMz/2y6wvHF2V9aPrAQRZLri+AuyREa25boaj+1MqD3EJO3MtQoYcQf1

But running the equivalent command in Fedora32 or Fedora33 based container, the result is the following:

+ ssh-keygen -D /usr/lib64/pkcs11/libtpm2_pkcs11.so
+ tee my.pub
WARNING:fapi:src/tss2-fapi/ifapi_io.c:282:ifapi_io_check_create_dir() Directory /run/tpm2-tss/eventlog/ does not exist, creating
WARNING:fapi:src/tss2-fapi/ifapi_io.c:282:ifapi_io_check_create_dir() Directory /root//.local/share/tpm2-tss/user/keystore does not exist, creating
WARNING:fapi:src/tss2-fapi/ifapi_io.c:282:ifapi_io_check_create_dir() Directory /var/lib/tpm2-tss/system/keystore/policy does not exist, creating
ERROR:fapi:src/tss2-fapi/api/Fapi_List.c:221:Fapi_List_Finish() FAPI not provisioned.
ERROR:fapi:src/tss2-fapi/api/Fapi_List.c:81:Fapi_List() ErrorCode (0x00060034) Entities_List
ERROR: Listing FAPI token objects failed.
invalid attribute length
failed to fetch key
Enter PIN for 'label':
invalid attribute length
failed to fetch key
cannot read public key from pkcs11

I can see that my labels are empty:

[root@9365f2dfa353 workdir]# tpm2_ptool listobjects --label label
- CKA_CLASS: CKO_PRIVATE_KEY
  CKA_ID:
  - '61656337663138363433663335643266'
  CKA_KEY_TYPE: CKK_RSA
  CKA_LABEL: ''
  id: 1
- CKA_CLASS: CKO_PUBLIC_KEY
  CKA_ID:
  - '61656337663138363433663335643266'
  CKA_KEY_TYPE: CKK_RSA
  CKA_LABEL: ''
  id: 2

I tried setting the label with p11tool, but it is not working:

[root@9365f2dfa353 workdir]# p11tool --set-label=label pkcs11:model=IoT%20Software%20TPM;manufacturer=MSFT;serial=0000000000000000;token=label
ERROR:fapi:src/tss2-fapi/api/Fapi_List.c:221:Fapi_List_Finish() FAPI not provisioned.
ERROR:fapi:src/tss2-fapi/api/Fapi_List.c:81:Fapi_List() ErrorCode (0x00060034) Entities_List
ERROR: Listing FAPI token objects failed.
note: assuming --login for this operation.
Token 'label' with URL 'pkcs11:model=IoT%20Software%20TPM;manufacturer=MSFT;serial=0000000000000000;token=label' requires user PIN
Enter PIN:
Enter password:
Error in pkcs11_set_val:1661: PKCS #11 error.

Are there any alternative ways of setting the CKA_LABEL, to verify whether that is the problem?

dnoliver commented 3 years ago

I found a workaround for the key generation step, but ran into the same problem when I try to ssh using the pkcs11 module. The workaround is to use p11tool to export the public key:

[root@28e9da3af1d5 workdir]# p11tool --list-token-urls
pkcs11:model=IoT%20Software%20TPM;manufacturer=MSFT;serial=0000000000000000;token=label

[root@28e9da3af1d5 workdir]# p11tool --list-all pkcs11:model=IoT%20Software%20TPM;manufacturer=MSFT;serial=0000000000000000;token=label
Object 0:
        URL: pkcs11:model=IoT%20Software%20TPM;manufacturer=MSFT;serial=0000000000000000;token=label;id=%35%61%66%30%61%64%34%30%63%31%63%62%38%64%31%64;type=public
        Type: Public key (RSA-2048)
        Label:
        ID: 35:61:66:30:61:64:34:30:63:31:63:62:38:64:31:64

[root@28e9da3af1d5 workdir]# p11tool --export 'pkcs11:model=IoT%20Software%20TPM;manufacturer=MSFT;serial=0000000000000000;token=label;id=%35%61%66%30%61%64%34%30%63%31%63%62%38%64%31%64;type=public' > my.pem

[root@28e9da3af1d5 workdir]# ssh-keygen -f my.pem -i -mPKCS8 > my.pub

So, I get the ssh-rsa key using p11tool instead of ssh-keygen -D <PATH TO MODULE>. The benefit of this is that p11tool will allow you to select one key by id, while ssh-keygen will output all the public keys available.

So finally, copy the key to the target host and try to ssh into it:

[root@28e9da3af1d5 workdir]# ssh-copy-id -f -i my.pub root@test-1.mshome.net
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "my.pub"
The authenticity of host 'test-1.mshome.net (192.168.111.139)' can't be established.
ECDSA key fingerprint is SHA256:dSqJaLWHhfl+BxSQN4Zi543ggDTU4Nh/xc6QDnMD3jQ.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
root@test-1.mshome.net's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@test-1.mshome.net'"
and check to make sure that only the key(s) you wanted were added.

[root@28e9da3af1d5 workdir]# ssh -I /usr/lib64/pkcs11/libtpm2_pkcs11.so root@test-1.mshome.net
invalid attribute length
failed to fetch key
invalid attribute length
failed to fetch key
Enter PIN for 'label':
invalid attribute length
failed to fetch key
invalid attribute length
failed to fetch key
root@test-1.mshome.net's password:

So, it is saying the same as the ssh-keygen tool: that I have an attribute of invalid length (maybe the CKA_LABEL?).

dnoliver commented 3 years ago

Trying to set the CKA_LABEL with p11tool fails with unsupported feature :(

[root@28e9da3af1d5 workdir]# p11tool --set-label=label 'pkcs11:model=IoT%20Software%20TPM;manufacturer=MSFT;serial=0000000000000000;token=label;id=%33%38%36%62%34%65%65%39%33%66%32%36%65%31%62%62;type=public' > my.pem
note: assuming --login for this operation.
Token 'label' with URL 'pkcs11:model=IoT%20Software%20TPM;manufacturer=MSFT;serial=0000000000000000;token=label' requires user PIN
Enter PIN:
Error in pkcs11_set_val:1669: PKCS #11 unsupported feature
williamcroberts commented 3 years ago

Are these bugs in the library or pkcs11-tool and p11-tool?

dnoliver commented 3 years ago

Not sure if there is a lib problem. This is how I reproduce it:

On the same host, create both Fedora and Ubuntu images, and run the test:

test.sh

#!/bin/bash

set -euxo pipefail
export TPM2TOOLS_TCTI="device:/dev/tpmrm0"
export TPM2_PKCS11_TCTI="device:/dev/tpmrm0"
export TPM2_PKCS11_STORE="/etc/tpm2_pkcs11"
export TPM2_PKCS11_LOG_LEVEL=0
rm ${TPM2_PKCS11_STORE} -fr || true
mkdir -p ${TPM2_PKCS11_STORE} || true
tpm2_clear
tpm2_ptool init
tpm2_ptool addtoken --pid=1 --sopin=sopin --userpin=userpin --label=label
tpm2_ptool config --key tcti --value "device:/dev/tpmrm0" --label=label
tpm2_ptool addkey --algorithm=rsa2048 --label=label --userpin=userpin

ssh-keygen -D ${TPM2_PKCS11_MODULE}

Dockerfile.fedora

FROM fedora:32

RUN dnf install -y \
        tpm2-pkcs11 tpm2-pkcs11-tools tpm2-tools \
        gnutls-utils openssl-pkcs11 openssh

WORKDIR /root

ENV TPM2_PKCS11_MODULE="/usr/lib64/pkcs11/libtpm2_pkcs11.so"

COPY ./test.sh /root/test.sh

RUN chmod u+x /root/test.sh

CMD bash

Dockerfile.ubuntu

FROM ubuntu:18.04

RUN apt-get update && apt-get -y install git

RUN git clone https://github.com/tpm2-software/tpm2-tss && \
    cd tpm2-tss && \
    git checkout 3.0.1 && \
    apt-get -y install \
        autoconf-archive libcmocka0 libcmocka-dev procps iproute2 \
        build-essential pkg-config gcc libtool automake libssl-dev \
        uthash-dev autoconf doxygen libjson-c-dev libini-config-dev \
        libcurl4-openssl-dev && \
    ./bootstrap && ./configure && make -j4 && make install && \
    export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig/ && \
    ldconfig

RUN git clone https://github.com/tpm2-software/tpm2-tools && \
    cd tpm2-tools && \
    git checkout 4.3.0 && \
    apt-get -y install \
        autoconf automake libtool pkg-config gcc libssl-dev \
        libcurl4-gnutls-dev uuid-dev python-yaml && \
    ./bootstrap && ./configure && make -j4 && make install

RUN git clone https://github.com/tpm2-software/tpm2-pkcs11 && \
    cd tpm2-pkcs11 && \
    git checkout 1.4.0 && \
    apt-get -y install \
        automake make gcc libsqlite3-dev autoconf-archive \
        python3.7 python3-pip libyaml-dev && \
    python3.7 -m pip install pip && \
    ./bootstrap && ./configure && make -j4 && make install && \
    cd tools && \
    python3.7 -m pip install . && \
    python3.7 -m pip install cffi && \
    python3.7 setup.py install

ENV TPM2_PKCS11_MODULE="/usr/local/lib/libtpm2_pkcs11.so"

COPY ./test.sh /root/test.sh

RUN chmod u+x /root/test.sh

WORKDIR /root

CMD bash

To build and run the test:

docker build -f Dockerfile.fedora -t fedora .
docker build -f Dockerfile.ubuntu -t ubuntu .
docker run -ti --device /dev/tpmrm0 fedora /root/test.sh
docker run -ti --device /dev/tpmrm0 ubuntu /root/test.sh

The Fedora one fails and is not able to export the public key. The Ubuntu one works. I played with different versions of pkcs11 in both base images, and it fails anyway. The big diff I see between them is the version of the openssh client:

[root@fedora-server pkcs11]# docker run --rm fedora rpm -qa openssh
openssh-8.3p1-3.fc32.x86_64

[root@fedora-server pkcs11]# docker run --rm ubuntu apt-cache policy openssh-client
openssh-client:
  Installed: 1:7.6p1-4ubuntu0.3
  Candidate: 1:7.6p1-4ubuntu0.3
  Version table:
 *** 1:7.6p1-4ubuntu0.3 500
        500 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages
        100 /var/lib/dpkg/status
     1:7.6p1-4 500
        500 http://archive.ubuntu.com/ubuntu bionic/main amd64 Packages
kuba00739 commented 3 years ago

Has anyone managed to solve this problem? Is it even possible on Fedora? Would be very thankful for any answer :)

williamcroberts commented 3 years ago

Has anyone managed to solve this problem? Is it even possible on Fedora? Would be very thankful for any answer :)

No fixes yet AFAIK

dnoliver commented 3 years ago

Still failing with the latest fedora:33 image, using openssh-8.4. And it is still working with the latest ubuntu:20.04 image, using openssh-client-8.2. Filed a bug in Fedora's Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1919007

dnoliver commented 3 years ago

Fix is on the way for Fedora 34. There is a test package for Fedora 33.

You get a free PKCS11 URI at the end of the RSA key!

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCQCtN3iKmfdy7z0ZoKjSOKxut8s5nEPfkFMd/+OpOMe4DFgbDpDiSUrx+/zzEUza9oh56u7ZXm3Z9NqEVAU01BT59mwqehjGEgJbIbFo48gpKNHExdYjYbVMcZVYWEc1rJXmZCb5pYCOsKMDRUiBoz6x6nL+o0Wpe8siqGQ0q90MM2tBhhz3OPZZ0tnudby1gTVU8TccgWh/gNe2SWLO5sBobt3xN8gq02D3DagFGMUFzJ+MKPpszkMoCCQ+pXCfF0AN6WdiI4X5m8SwtC7edCbeMl3zckGeT2Ys9QQqs9dSDXyWPloj9+Q7TKfMF6U22JguanMA3eeZYGRv0V9oqr pkcs11:id=%63%34%36%65%61%61%65%36%66%38%62%39%38%35%31%36;token=label;manufacturer=MSFT?module-path=/usr/lib64/pkcs11/libtpm2_pkcs11.so
williamcroberts commented 3 years ago

Fix is on the way for Fedora 34. There is a test package for Fedora 33.

You get a free PKCS11 URI at the end of the RSA key!

That doesn't seem correct, so what project had the bug?

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCQCtN3iKmfdy7z0ZoKjSOKxut8s5nEPfkFMd/+OpOMe4DFgbDpDiSUrx+/zzEUza9oh56u7ZXm3Z9NqEVAU01BT59mwqehjGEgJbIbFo48gpKNHExdYjYbVMcZVYWEc1rJXmZCb5pYCOsKMDRUiBoz6x6nL+o0Wpe8siqGQ0q90MM2tBhhz3OPZZ0tnudby1gTVU8TccgWh/gNe2SWLO5sBobt3xN8gq02D3DagFGMUFzJ+MKPpszkMoCCQ+pXCfF0AN6WdiI4X5m8SwtC7edCbeMl3zckGeT2Ys9QQqs9dSDXyWPloj9+Q7TKfMF6U22JguanMA3eeZYGRv0V9oqr pkcs11:id=%63%34%36%65%61%61%65%36%66%38%62%39%38%35%31%36;token=label;manufacturer=MSFT?module-path=/usr/lib64/pkcs11/libtpm2_pkcs11.so
dnoliver commented 3 years ago

It was Fedora's openssh. The fix is here https://src.fedoraproject.org/rpms/openssh/pull-request/16 (it now accepts empty labels)

I wanted to test whether the trailing PKCS11 URI causes problems establishing the ssh connection. But I think I am still having problems establishing the connection. Now I can generate the key and get the public part, and copy that to the server with ssh-copy-id, but it fails to ssh into the box:

I think the problem is now openssh-clients:

[root@fedora-server issue-592]# dnf provides ssh
Last metadata expiration check: 0:27:34 ago on Tue 26 Jan 2021 12:07:15 PM -03.
openssh-clients-8.4p1-1.1.fc33.x86_64 : An open source SSH client applications
Repo        : fedora
Matched from:
Filename    : /usr/bin/ssh

More info here https://bugzilla.redhat.com/show_bug.cgi?id=1919007#c6

This will work some day! :D

UPDATE: it was a problem on my end, using the bad openssh-clients package. There is also a fix for that available. Find below the Dockerfile and test script used to validate that the full setup is working:

FROM fedora:33
RUN dnf install -y \
        tpm2-pkcs11 tpm2-pkcs11-tools tpm2-tools \
        gnutls-utils openssl-pkcs11
WORKDIR /root
ENV TPM2_PKCS11_MODULE="/usr/lib64/pkcs11/libtpm2_pkcs11.so"
RUN curl https://kojipkgs.fedoraproject.org//work/tasks/5911/60445911/openssh-8.4p1-5.fc33.x86_64.rpm --output openssh-8.4p1-5.fc33.x86_64.rpm && \
    rpm -ivh openssh-8.4p1-5.fc33.x86_64.rpm
RUN dnf install -y libedit libfido2
RUN curl https://kojipkgs.fedoraproject.org//work/tasks/5911/60445911/openssh-clients-8.4p1-5.fc33.x86_64.rpm --output openssh-clients-8.4p1-5.fc33.x86_64.rpm && \
    rpm -ivh https://kojipkgs.fedoraproject.org//work/tasks/5911/60445911/openssh-clients-8.4p1-5.fc33.x86_64.rpm
RUN dnf install -y bind-utils sshpass
COPY ./test.sh /root/test.sh
RUN chmod u+x /root/test.sh

test.sh

#!/bin/bash
set -euxo pipefail
export TPM2TOOLS_TCTI="device:/dev/tpmrm0"
export TPM2_PKCS11_TCTI="device:/dev/tpmrm0"
export TPM2_PKCS11_STORE="/etc/tpm2_pkcs11"
export TPM2_PKCS11_LOG_LEVEL=0
rm ${TPM2_PKCS11_STORE} -fr || true
mkdir -p ${TPM2_PKCS11_STORE} || true
tpm2_clear
tpm2_ptool init
tpm2_ptool addtoken --pid=1 --sopin=sopin --userpin=userpin --label=label
tpm2_ptool config --key tcti --value "device:/dev/tpmrm0" --label=label
tpm2_ptool addkey --algorithm=rsa2048 --label=label --userpin=userpin
SSH_SERVER_HOST='fedora-server.mshome.net'
SSH_SERVER_USER='test'
SSH_SERVER_PASS='*************'
mkdir -p ~/.ssh
ssh-keygen -vvv -D ${TPM2_PKCS11_MODULE} > id_rsa.pub
ssh-keyscan -H ${SSH_SERVER_HOST} > ~/.ssh/known_hosts
ssh-keyscan -H $(host ${SSH_SERVER_HOST} | awk '{ print $4 }') >> ~/.ssh/known_hosts
sshpass -p ${SSH_SERVER_PASS} ssh-copy-id -f -i id_rsa.pub ${SSH_SERVER_USER}@${SSH_SERVER_HOST}
ssh -I ${TPM2_PKCS11_MODULE} ${SSH_SERVER_USER}@${SSH_SERVER_HOST}

At the end, it asks for the PIN and gets ssh working! :D

UPDATE 2: the trailing PKCS11 URI does not matter. My setup is working with that trailing URI in my authorized_keys:

[root@fedora-server issue-592]# cat /home/test/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDHVwrH8Ah/FawsLtw/Ij+4a3pJPElKb1AzWHGSdfTrEHFKSiJv0EKZN1KX4hz0Cj7+sppaOaOOsuJDNwvvWFMALq/ALB9yTaQAXkrtSvrlVof+hAXUd2Yt98lsprhxY6M/xV0qW5DodDL67XjHhXvgVLb3wXlAdPIa+GtLR7tIwHBFBz242PnefYSA+YLYzu/ttLIRJEj8Yan8gOy9LNygGQeOSHFHuXNWk0Cg9DB/FyezkL0AyrS6PUWEdUiGxTbiIDbaLL5opM8h8bkCLOR7G04UxCDoTWCrCgkib+3usiJds0F30KUJwl9j3pZY5rATRODKyVTTj92JvcIgAiNn pkcs11:id=%64%34%36%39%33%61%38%32%66%35%36%31%39%33%36%31;token=label;manufacturer=MSFT?module-path=/usr/lib64/pkcs11/libtpm2_pkcs11.so
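Two things in this thread are easier to see with the formats laid out: what ssh-keygen -i -mPKCS8 does to the PEM file that p11tool --export writes (the workaround above), and why the trailing pkcs11: URI that ssh-keygen -D appends is harmless for authorized_keys (it is simply the comment field of the OpenSSH public-key line, which sshd does not use when matching keys). The following Python is an added example, not code from this thread, from OpenSSH or from tpm2-pkcs11. It uses the ssh-rsa line posted earlier in the thread as its sample input and implements both conversions with the standard library only, so it runs without a PKCS#11 module or a TPM. The helper and function names are the example's own.

```python
import base64
import struct

# Sample input (constructed from the ssh-rsa line posted earlier in this thread):
# the base64 key blob, then the pkcs11: URI that ssh-keygen -D placed in the comment field.
SAMPLE_LINE = (
    "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCQCtN3iKmfdy7z0ZoKjSOKxut8s5nEPfkFMd/"
    "+OpOMe4DFgbDpDiSUrx+/zzEUza9oh56u7ZXm3Z9NqEVAU01BT59mwqehjGEgJbIbFo48gpKNH"
    "ExdYjYbVMcZVYWEc1rJXmZCb5pYCOsKMDRUiBoz6x6nL+o0Wpe8siqGQ0q90MM2tBhhz3OPZZ0"
    "tnudby1gTVU8TccgWh/gNe2SWLO5sBobt3xN8gq02D3DagFGMUFzJ+MKPpszkMoCCQ+pXCfF0A"
    "N6WdiI4X5m8SwtC7edCbeMl3zckGeT2Ys9QQqs9dSDXyWPloj9+Q7TKfMF6U22JguanMA3eeZY"
    "GRv0V9oqr"
    " pkcs11:id=%63%34%36%65%61%61%65%36%66%38%62%39%38%35%31%36;token=label;"
    "manufacturer=MSFT?module-path=/usr/lib64/pkcs11/libtpm2_pkcs11.so"
)
RSA_OID = bytes.fromhex("06092a864886f70d010101")  # DER-encoded OID 1.2.840.113549.1.1.1 (rsaEncryption)


def _big_endian(v):
    # Unsigned big-endian bytes; SSH mpint and DER INTEGER are signed, so a set top bit gets a 0x00 prefix.
    b = v.to_bytes(max(1, (v.bit_length() + 7) // 8), "big")
    return b"\x00" + b if b[0] & 0x80 else b


# OpenSSH wire format of an RSA public key: string "ssh-rsa", mpint e, mpint n
def _ssh_string(b):
    return struct.pack(">I", len(b)) + b


def rsa_to_openssh(n, e, comment=""):
    blob = _ssh_string(b"ssh-rsa") + _ssh_string(_big_endian(e)) + _ssh_string(_big_endian(n))
    line = "ssh-rsa " + base64.b64encode(blob).decode()
    return line + (" " + comment if comment else "")


def parse_openssh_line(line):
    """Return (n, e, comment); everything after the base64 field is the comment."""
    parts = line.strip().split(None, 2)
    if len(parts) < 2 or parts[0] != "ssh-rsa":
        raise ValueError("not an ssh-rsa public-key line")
    blob = base64.b64decode(parts[1], validate=True)
    comment = parts[2] if len(parts) == 3 else ""
    fields, pos = [], 0
    while pos < len(blob):  # walk the length-prefixed fields
        (length,) = struct.unpack(">I", blob[pos:pos + 4])
        fields.append(blob[pos + 4:pos + 4 + length])
        pos += 4 + length
    if len(fields) != 3 or fields[0] != b"ssh-rsa" or pos != len(blob):
        raise ValueError("malformed ssh-rsa key blob")
    return int.from_bytes(fields[2], "big"), int.from_bytes(fields[1], "big"), comment


# Minimal DER, just enough for an RSA SubjectPublicKeyInfo (what a PEM "PUBLIC KEY" block holds)
def _der_tlv(tag, body):
    n = len(body)
    if n < 0x80:
        length = bytes([n])
    else:
        nb = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(nb)]) + nb
    return bytes([tag]) + length + body


def _der_read(buf, pos):
    """Read one TLV at pos; return (tag, body, position after it)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length


def rsa_to_spki_der(n, e):
    rsa_public_key = _der_tlv(0x30, _der_tlv(0x02, _big_endian(n)) + _der_tlv(0x02, _big_endian(e)))
    algorithm = _der_tlv(0x30, RSA_OID + b"\x05\x00")  # AlgorithmIdentifier: rsaEncryption, NULL params
    return _der_tlv(0x30, algorithm + _der_tlv(0x03, b"\x00" + rsa_public_key))  # BIT STRING, 0 unused bits


def spki_der_to_rsa(der):
    tag, spki, _ = _der_read(der, 0)
    tag_a, algorithm, pos = _der_read(spki, 0)
    if tag != 0x30 or tag_a != 0x30 or not algorithm.startswith(RSA_OID):
        raise ValueError("not an rsaEncryption SubjectPublicKeyInfo")
    tag_b, bit_string, _ = _der_read(spki, pos)
    if tag_b != 0x03 or bit_string[0] != 0:
        raise ValueError("unexpected BIT STRING")
    _, rsa_public_key, _ = _der_read(bit_string, 1)  # skip the unused-bits byte
    _, n_bytes, pos = _der_read(rsa_public_key, 0)
    _, e_bytes, _ = _der_read(rsa_public_key, pos)
    return int.from_bytes(n_bytes, "big"), int.from_bytes(e_bytes, "big")


def spki_der_to_pem(der):
    b64 = base64.b64encode(der).decode()
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return "-----BEGIN PUBLIC KEY-----\n" + body + "\n-----END PUBLIC KEY-----\n"


def pem_to_openssh(pem, comment=""):
    """The conversion ssh-keygen -i -mPKCS8 performs on the file that p11tool --export writes."""
    body = "".join(l for l in pem.splitlines() if l and not l.startswith("-----"))
    n, e = spki_der_to_rsa(base64.b64decode(body))
    return rsa_to_openssh(n, e, comment)
```

Calling parse_openssh_line(SAMPLE_LINE) yields a 2048-bit modulus, e = 65537 and the pkcs11: URI as the comment; spki_der_to_pem(rsa_to_spki_der(n, e)) produces the same PEM that p11tool --export writes for that key, and pem_to_openssh on that PEM reproduces the original ssh-rsa line minus the comment. Dropping the comment (or keeping it) changes nothing about what sshd matches, which is what the UPDATE 2 result above reflects.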
qwattash commented 2 years ago

I'm still having this issue on Arch Linux with openssh 8.8, BTW. I'm still a newbie regarding TPM administration, so I'll have to dig more before I can be helpful, though.