How to build openssh with support for FIDO Security keys on Ubuntu 18.04

12/7/2019 - 2:06 PM

How to build openssh with support for FIDO Security keys on Ubuntu 18.04

sudo apt update
sudo apt install -y cmake cmake-data pkgconf autoconf
sudo apt install -y libssl-dev libudev-dev libcbor-dev libz-dev

git clone https://github.com/Yubico/libfido2.git
cd libfido2/
mkdir build
(cd build && cmake ..)
make -C build
sudo make -C build install
cd -

git clone https://github.com/openssh/openssh-portable.git
cd openssh-portable/
autoreconf
./configure
make
# skipping install for now 
cd -

export SSH_SK_PROVIDER=/usr/local/lib/libsk-libfido2.so

# server:
echo "AuthorizedKeysFile .ssh/authorized_keys" > ./sshd_config
ssh-keygen -t ecdsa -C"hostkey" -f ./host_ecdsa
${PWD}/openssh-portable/sshd -h ${PWD}/host_ecdsa -d -e -p 22222 -f ${PWD}/sshd_config

# client
./openssh-portable/ssh-keygen -t ecdsa-sk -f id_ecdsa_sk
# add client public key in id_ecdsa_sk.pub to  ~/.ssh/authorized_keys on server
./openssh-portable/ssh  -F /dev/null -p 22222 localhost -i id_ecdsa_sk

Cacher is the code snippet organizer for pro developers

We empower you and your team to get more done, faster

How to build openssh with support for FIDO Security keys on Ubuntu 18.04