
SSH-KEYGEN returns "invalid format" when generating ecdsa-sk key and storing it on another device #2279

Open
3 tasks done
Ivomola opened this issue Oct 8, 2024 · 4 comments

Comments

@Ivomola

Ivomola commented Oct 8, 2024

Prerequisites

  • Write a descriptive title.
  • Make sure you are able to repro it on the latest version
  • Search the existing issues.

Steps to reproduce

While using OpenSSH_for_Windows_9.5p1, LibreSSL 3.8.2 on Windows 11 24H2 in a non-elevated command prompt, generating an ecdsa-sk key with ssh-keygen -t ecdsa-sk does not work when, at the pop-up opened by ssh-sk-helper.exe titled "Where do you want to store this passkey?", an external device or "iPhone, iPad or Android device" is selected, even if the key is stored correctly on the Android device. Selecting, however, an on-device authentication method like an onboard fingerprint reader or Windows Hello face scanner does generate a key correctly most of the time.

Expected behavior

C:\Users\User>ssh-keygen -t ecdsa-sk
Generating public/private ecdsa-sk key pair.
You may need to touch your authenticator to authorize key generation.
Enter file in which to save the key (C:\Users\User/.ssh/id_ecdsa_sk):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in C:\Users\User/.ssh/id_ecdsa_sk
Your public key has been saved in C:\Users\User/.ssh/id_ecdsa_sk.pub
The key fingerprint is:
SHA256:AyVE8F6emXJEpgpyWTZG+oDKjI0uWVbV5xMPIRvh6t0 User@HOSTNAME
The key's randomart image is:
+-[ECDSA-SK 256]--+
|   .B+=.B...     |
| . * + rB.++     |
|o * . +a HD=)    |
|== = o n* +o .   |
|+o+ o + d S  .   |
|.+   . + o       |
|o.    . . m E    |
|.        g       |
|                 |
+----[SHA256]-----+

Actual behavior

C:\Users\User>ssh-keygen -t ecdsa-sk
Generating public/private ecdsa-sk key pair.
You may need to touch your authenticator to authorize key generation.
You may need to touch your authenticator again to authorize key generation.
Key enrollment failed: invalid format

Error details

C:\Users\User>ssh-keygen -t ecdsa-sk -vvvv
Generating public/private ecdsa-sk key pair.
You may need to touch your authenticator to authorize key generation.
debug1: find_helper: using "C:\\WINDOWS\\System32\\OpenSSH\\ssh-sk-helper.exe" as helper
debug3: Creating process with CREATE_NO_WINDOW
debug3: spawning "C:\\WINDOWS\\System32\\OpenSSH\\ssh-sk-helper.exe" as subprocess
debug3: start_helper: started pid=73540
debug3: ssh_msg_send: type 5
debug3: ssh_msg_recv entering
debug1: client_converse: helper returned error -4
debug3: reap_helper: pid=73540
Key enrollment failed: invalid format

Environment data

Name                           Value
----                           -----
PSVersion                      5.1.26100.1591
PSEdition                      Desktop
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
BuildVersion                   10.0.26100.1591
CLRVersion                     4.0.30319.42000
WSManStackVersion              3.0
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1

Version

OpenSSH_for_Windows_9.5p1, LibreSSL 3.8.2 being run on Windows Terminal 1.21.2701.0 on Windows 11 24H2 build 26100.1742

Visuals

INFO THAT DIDN'T FIT ELSEWHERE

  • ed25519-sk keys are not supported for storage at least on my Android phone and my Windows Device (Lenovo Thinkpad Yoga L13 2022).
  • Specifying -O "resident" or not didn't change the actual behaviour.
  • When performed on an elevated PowerShell or CMD prompt, even storing the keys locally on device by choosing an embedded Windows Hello enabled authentication method does not work, and gives the same error (Key enrollment failed: invalid format)

MEDIA TO ILLUSTRATE THE ISSUE

Successful key generation on-device

VID-20241008-WA0000.mp4

Failed key generation on another device

ssh_fail.-.Trim.mp4

Note that the moment the second to last pop-up disappears on its own is when I confirm my biometrics on my Android device and it confirms the process was successful.

@Ivomola

Ivomola commented Oct 8, 2024

Output with FIDO_DEBUG=1:

Generating public/private ecdsa-sk key pair.
You may need to touch your authenticator to authorize key generation.
debug1: find_helper: using "C:\\WINDOWS\\System32\\OpenSSH\\ssh-sk-helper.exe" as helper
debug3: spawning "C:\\WINDOWS\\System32\\OpenSSH\\ssh-sk-helper.exe" as subprocess
debug3: start_helper: started pid=43952
debug3: ssh_msg_send: type 5
debug3: ssh_msg_recv entering
debug1: sshsk_enroll: provider "internal", device "(null)", application "ssh:", userid "(null)", flags 0x25, challenge len 0
debug1: sshsk_enroll: using random challenge
webauthn_load: api version 7
debug1: ssh_sk_enroll: using device windows://hello
debug1: ssh_sk_enroll: key exists
debug1: sshsk_enroll: provider "internal" failure -5
debug1: ssh-sk-helper: Enrollment failed: bad permissions
debug1: main: reply len 8
debug3: ssh_msg_send: type 5
debug1: client_converse: helper returned error -44
debug3: reap_helper: pid=43952
A resident key scoped to 'ssh:' with user id 'null' already exists.
Overwrite key in token (y/n)? y
You may need to touch your authenticator again to authorize key generation.
debug1: find_helper: using "C:\\WINDOWS\\System32\\OpenSSH\\ssh-sk-helper.exe" as helper
debug3: spawning "C:\\WINDOWS\\System32\\OpenSSH\\ssh-sk-helper.exe" as subprocess
debug3: start_helper: started pid=77712
debug3: ssh_msg_send: type 5
debug3: ssh_msg_recv entering
debug1: sshsk_enroll: provider "internal", device "(null)", application "ssh:", userid "(null)", flags 0x35, challenge len 0
debug1: sshsk_enroll: using random challenge
webauthn_load: api version 7
debug1: ssh_sk_enroll: using device windows://hello
cbor_decode_cred_authdata: buf=000001E8D8C78480, len=148
0000: e3 06 10 e8 a1 62 11 59 60 fe 1e c2 23 e6 52 9c
0016: 9f 4b 6e 80 20 0d cb 5e 5c 32 1c 8a f1 e2 b1 bf
0032: 5d 00 00 00 00 ea 9b 8d 66 4d 01 1d 21 3c e4 b6
0048: b4 8c b5 75 d4 00 10 7b 9c db fc 23 e7 68 76 a0
0064: c3 77 af d5 85 15 12 a5 01 02 03 26 20 01 21 58
0080: 20 0f 6d 83 5a 21 54 34 5f c1 13 43 80 d3 c9 76
0096: bc 24 db b0 61 b3 c8 d7 7f 1d c1 9e d7 53 34 79
0112: a9 22 58 20 5a aa be c4 e5 85 89 28 b4 48 ff d2
0128: 3e 4b 91 a6 91 5d 94 cf cf e9 1f 1a 3e 15 cb f5
0144: ba f1 ad ad
decode_attcred: buf=000001E8D8C784A5, len=111
0000: ea 9b 8d 66 4d 01 1d 21 3c e4 b6 b4 8c b5 75 d4
0016: 00 10 7b 9c db fc 23 e7 68 76 a0 c3 77 af d5 85
0032: 15 12 a5 01 02 03 26 20 01 21 58 20 0f 6d 83 5a
0048: 21 54 34 5f c1 13 43 80 d3 c9 76 bc 24 db b0 61
0064: b3 c8 d7 7f 1d c1 9e d7 53 34 79 a9 22 58 20 5a
0080: aa be c4 e5 85 89 28 b4 48 ff d2 3e 4b 91 a6 91
0096: 5d 94 cf cf e9 1f 1a 3e 15 cb f5 ba f1 ad ad
decode_attcred: attcred->id.len=16
debug1: ssh_sk_enroll: self-attested credential
fido_cred_verify_self: cdh=000001E8D8C4F060, authdata=000001E8D8C761E0, x5c=0000000000000000, sig=0000000000000000, fmt=000001E8D8C3BEC0 id=000001E8D8C474C0, rp.id=ssh:
debug1: ssh_sk_enroll: fido_cred_verify_self: FIDO_ERR_INVALID_ARGUMENT
debug1: sshsk_enroll: provider "internal" failure -1
debug1: ssh-sk-helper: Enrollment failed: invalid format
debug1: main: reply len 8
debug3: ssh_msg_send: type 5
debug1: client_converse: helper returned error -4
debug3: reap_helper: pid=77712
Key enrollment failed: invalid format

@ricklahaye

Can confirm same behaviour from my side.

Laptop with facial + fingerprint works.
PC with only Windows Hello pin doesn't work.

Another related issue is #2040

@ricklahaye

I bought a discrete TPM module and with that I was able to enroll the key. I think it has something to do with the firmware TPM that I was using not allowing that type of key.

@finch71

finch71 commented Nov 24, 2024

Maybe this is related
#2040 (comment)

michael-dev added a commit to michael-dev/openssh-portable-powershell that referenced this issue Nov 29, 2024
Using libfido2 with windows://hello results in security key returning
no attestation data. This currently fails due to fido_cred_verify_self
failing.

According to Yubico/libfido2#840 this is
not a bug in libfido2, but openssh instead has to skip the verify
call if no attestation is given.

This fixes the issue by skipping attestation verification during
key generation if there is no attestation.

Fixes PowerShell/Win32-OpenSSH#2279 and
PowerShell/Win32-OpenSSH#2040

Signed-off-by: Michael Braun <[email protected]>
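The FIDO_DEBUG=1 trace in the second comment above and the commit message describing the fix both turn on the same two facts: the authenticator data Windows Hello returned is well formed, and the attestation statement carries neither a certificate chain (x5c=NULL) nor a signature (sig=NULL), so fido_cred_verify_self has nothing to verify. The following is an added example, not code from the issue, OpenSSH or libfido2. It parses the 148-byte cbor_decode_cred_authdata dump from the trace (copied verbatim as constructed input) into its rpIdHash, flags, AAGUID, credential ID and COSE public key, and models the decision the commit message describes with a hypothetical attestation_check() function; the three-way mapping in that function is my assumption about the intended behaviour, not the project's code.

```python
"""Added example (not code from the issue, OpenSSH or libfido2): parse the
WebAuthn authenticator data dumped by ssh-sk-helper with FIDO_DEBUG=1 and
model the 'skip verification when there is no attestation' decision."""
import hashlib

# Hex dump copied from the issue's cbor_decode_cred_authdata output (len=148).
AUTHDATA_HEX = """
e3 06 10 e8 a1 62 11 59 60 fe 1e c2 23 e6 52 9c
9f 4b 6e 80 20 0d cb 5e 5c 32 1c 8a f1 e2 b1 bf
5d 00 00 00 00 ea 9b 8d 66 4d 01 1d 21 3c e4 b6
b4 8c b5 75 d4 00 10 7b 9c db fc 23 e7 68 76 a0
c3 77 af d5 85 15 12 a5 01 02 03 26 20 01 21 58
20 0f 6d 83 5a 21 54 34 5f c1 13 43 80 d3 c9 76
bc 24 db b0 61 b3 c8 d7 7f 1d c1 9e d7 53 34 79
a9 22 58 20 5a aa be c4 e5 85 89 28 b4 48 ff d2
3e 4b 91 a6 91 5d 94 cf cf e9 1f 1a 3e 15 cb f5
ba f1 ad ad
"""

# Authenticator-data flag bits (WebAuthn Level 2, section 6.1).
FLAG_UP, FLAG_UV, FLAG_BE, FLAG_BS, FLAG_AT, FLAG_ED = 0x01, 0x04, 0x08, 0x10, 0x40, 0x80


def cbor_decode(buf, pos=0):
    """Minimal CBOR decoder: unsigned/negative ints, byte strings and maps,
    which is all a COSE EC2 public key needs. Returns (value, new_pos)."""
    initial = buf[pos]
    major, info = initial >> 5, initial & 0x1F
    pos += 1
    if info < 24:
        arg = info
    elif info == 24:
        arg, pos = buf[pos], pos + 1
    elif info == 25:
        arg, pos = int.from_bytes(buf[pos:pos + 2], "big"), pos + 2
    else:
        raise ValueError("unsupported CBOR length encoding")
    if major == 0:
        return arg, pos
    if major == 1:
        return -1 - arg, pos
    if major == 2:
        return bytes(buf[pos:pos + arg]), pos + arg
    if major == 5:
        result = {}
        for _ in range(arg):
            key, pos = cbor_decode(buf, pos)
            result[key], pos = cbor_decode(buf, pos)
        return result, pos
    raise ValueError(f"unsupported CBOR major type {major}")


def parse_authdata(data):
    """Split authenticator data into rpIdHash, flags, signCount, attested
    credential data and the COSE key; raise if the layout is inconsistent."""
    if len(data) < 37:
        raise ValueError("authdata shorter than rpIdHash + flags + signCount")
    flags = data[32]
    out = {"rp_id_hash": data[:32].hex(), "flags": flags,
           "user_present": bool(flags & FLAG_UP),
           "user_verified": bool(flags & FLAG_UV),
           "backup_eligible": bool(flags & FLAG_BE),
           "backed_up": bool(flags & FLAG_BS),
           "sign_count": int.from_bytes(data[33:37], "big")}
    pos = 37
    if flags & FLAG_AT:  # attested credential data follows the header
        aaguid = data[pos:pos + 16]
        cred_len = int.from_bytes(data[pos + 16:pos + 18], "big")
        cred_id = data[pos + 18:pos + 18 + cred_len]
        pos += 18 + cred_len
        cose_key, pos = cbor_decode(data, pos)
        out.update({"aaguid": aaguid.hex(), "credential_id": cred_id.hex(),
                    "cose_alg": cose_key[3], "cose_crv": cose_key[-1],
                    "pubkey_x": cose_key[-2].hex(), "pubkey_y": cose_key[-3].hex()})
    if not flags & FLAG_ED and pos != len(data):
        raise ValueError(f"{len(data) - pos} trailing bytes without ED flag")
    return out


def rp_id_matches(parsed, rp_id):
    """True when rpIdHash equals SHA-256 of the relying-party id ('ssh:' here)."""
    return parsed["rp_id_hash"] == hashlib.sha256(rp_id.encode()).hexdigest()


def attestation_check(x5c, sig):
    """Hypothetical model of the decision the fix describes: which
    verification a client should run given the attestation statement."""
    if x5c:
        return "verify"        # certificate chain present: full attestation
    if sig:
        return "verify_self"   # signature without chain: self-attestation
    return "skip"              # nothing to verify: no attestation at all


if __name__ == "__main__":
    parsed = parse_authdata(bytes.fromhex(AUTHDATA_HEX))
    for key, value in parsed.items():
        print(f"{key:16} {value}")
    print("rpIdHash matches 'ssh:':", rp_id_matches(parsed, "ssh:"))
    # The trace shows x5c=NULL and sig=NULL for the Windows Hello credential.
    print("verification step:", attestation_check(x5c=None, sig=None))
```

Running it shows flags 0x5d (UP, UV, BE, BS and AT set, no extensions), a zero sign counter, the 16-byte credential ID that decode_attcred reported, and a P-256/ES256 COSE key, i.e. a perfectly usable credential; the "invalid format" error comes purely from asking for self-attestation verification when the statement has no signature, which is what the skip in the fix addresses.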