Comments (3)
Same issue here.
- OpenSSH_8.9p1 Ubuntu-3ubuntu0.4, OpenSSL 3.0.2 15 Mar 2022
- Ubuntu 22.04.3 LTS
- WSL version: 1.2.5.0
- Windows version: 10.0.22621.2283
Compiled with the correct release flag (-DSK_API_VERSION=9)
Debug info:
[2023-10-07 15:12:27.494] [win32-bridge] [debug] Parsing CBOR attestation object
[2023-10-07 15:12:27.494] [win32-bridge] [debug] Map keys in CBOR attestation object: ["attStmt", "authData", "fmt"]
[2023-10-07 15:12:27.494] [win32-bridge] [debug] Attestation object format: "none"
[2023-10-07 15:12:27.495] [win32-bridge] [critical] Failed to parse attestation object: Invalid or unknown attestation object format
from windows-fido-bridge.
Same thing here, first suffered #21, now stumbling into this. Fix this as described (copied the so file to /mnt/c/temp
temporarily and ln
it back to /usr/local/lib
).
- OpenSSH_8.9p1 Ubuntu-3ubuntu0.6, OpenSSL 3.0.2 15 Mar 2022
- Ubuntu 22.04.4 LTS
- WSL version: 2.0.9.0
- Windows version: 10.0.22631.3235
Debug ssh-keygen
$ SSH_SK_PROVIDER=/usr/local/lib/libwindowsfidobridge.so sshkeygen -t ecdsa-sk -C sk -vvv
Generating public/private ecdsa-sk key pair.
You may need to touch your authenticator to authorize key generation.
debug3: start_helper: started pid=122630
debug3: ssh_msg_send: type 5
debug3: ssh_msg_recv entering
debug1: start_helper: starting /usr/lib/openssh/ssh-sk-helper
debug1: sshsk_enroll: provider "/usr/local/lib/libwindowsfidobridge.so", device "(null)", application "ssh:", userid "(null)", flags 0x01, challenge len 0
debug1: sshsk_enroll: using random challenge
debug1: sshsk_open: provider /usr/local/lib/libwindowsfidobridge.so implements version 0x00090000
[2024-03-10 18:36:31.673] [win32-bridge] [critical] Failed to parse attestation object: Invalid or unknown attestation object format
debug1: sshsk_enroll: provider "/usr/local/lib/libwindowsfidobridge.so" failure -1
debug1: ssh-sk-helper: Enrollment failed: invalid format
debug1: main: reply len 8
debug3: ssh_msg_send: type 5
debug1: client_converse: helper returned error -4
debug3: reap_helper: pid=122630
Key enrollment failed: invalid format
EDIT:
Running with WINDOWS_FIDO_BRIDGE_DEBUG=1
adds the following information:
[2024-03-10 18:56:02.945] [linux-middleware] [debug] Parameters from OpenSSH:
[2024-03-10 18:56:02.945] [linux-middleware] [debug] Algorithm: 0
[2024-03-10 18:56:02.945] [linux-middleware] [debug] Challenge:
[2024-03-10 18:56:02.945] [linux-middleware] [debug] | 0 1 2 3 4 5 6 7 8 9 a b c d e f
[2024-03-10 18:56:02.945] [linux-middleware] [debug] | 0000: a9 a7 c5 ab 44 3d 52 c7 c1 0e 57 c8 15 ad 4c 6a ....D=R...W...Lj
[2024-03-10 18:56:02.945] [linux-middleware] [debug] | 0010: 14 a3 a7 53 1f 9b a3 c4 17 e7 d2 ee 76 b6 7a 15 ...S........v.z.
[2024-03-10 18:56:02.946] [linux-middleware] [debug] Application: "ssh:"
[2024-03-10 18:56:02.946] [linux-middleware] [debug] Flags: 0b00000001
[2024-03-10 18:56:02.946] [linux-middleware] [debug] PIN: (not present)
[2024-03-10 18:56:02.946] [linux-middleware] [debug] Options:
[2024-03-10 18:56:02.946] [linux-middleware] [debug] (No options provided)
[2024-03-10 18:56:02.946] [linux-middleware] [debug] Sending CBOR to bridge: {"request_parameters": {"alg": 0, "application": "ssh:", "challenge": b"a9a7c5ab443d52c7c10e57c815ad4c6a14a3a7531f9ba3c417e7d2ee76b67a15", "flags": 1, "sk_options": []}, "request_type": "sk_enroll"}
[2024-03-10 18:56:02.946] [linux-middleware] [debug] Invoking Windows bridge with the following parameters:
[2024-03-10 18:56:02.946] [linux-middleware] [debug] | 0 1 2 3 4 5 6 7 8 9 a b c d e f
[2024-03-10 18:56:02.946] [linux-middleware] [debug] | 0000: a2 72 72 65 71 75 65 73 74 5f 70 61 72 61 6d 65 .rrequest_parame
[2024-03-10 18:56:02.946] [linux-middleware] [debug] | 0010: 74 65 72 73 a5 63 61 6c 67 00 6b 61 70 70 6c 69 ters.calg.kappli
[2024-03-10 18:56:02.946] [linux-middleware] [debug] | 0020: 63 61 74 69 6f 6e 64 73 73 68 3a 69 63 68 61 6c cationdssh:ichal
[2024-03-10 18:56:02.946] [linux-middleware] [debug] | 0030: 6c 65 6e 67 65 58 20 a9 a7 c5 ab 44 3d 52 c7 c1 lengeX ....D=R..
[2024-03-10 18:56:02.946] [linux-middleware] [debug] | 0040: 0e 57 c8 15 ad 4c 6a 14 a3 a7 53 1f 9b a3 c4 17 .W...Lj...S.....
[2024-03-10 18:56:02.946] [linux-middleware] [debug] | 0050: e7 d2 ee 76 b6 7a 15 65 66 6c 61 67 73 01 6a 73 ...v.z.eflags.js
[2024-03-10 18:56:02.946] [linux-middleware] [debug] | 0060: 6b 5f 6f 70 74 69 6f 6e 73 80 6c 72 65 71 75 65 k_options.lreque
[2024-03-10 18:56:02.946] [linux-middleware] [debug] | 0070: 73 74 5f 74 79 70 65 69 73 6b 5f 65 6e 72 6f 6c st_typeisk_enrol
[2024-03-10 18:56:02.946] [linux-middleware] [debug] | 0080: 6c l
[2024-03-10 18:56:02.946] [linux-middleware] [debug] Forking.
[2024-03-10 18:56:02.946] [linux-middleware] [debug] Child process PID = 128418
[2024-03-10 18:56:02.946] [linux-middleware] [debug] Sending parameters to child process.
[2024-03-10 18:56:02.946] [linux-middleware] [debug] Parameters sent to child process, waiting for reply.
[2024-03-10 18:56:02.946] [linux-middleware] [debug] [Windows bridge child] Detected own library file path is "/usr/local/lib/libwindowsfidobridge.so".
[2024-03-10 18:56:02.946] [linux-middleware] [debug] [Windows bridge child] Using Windows bridge at "/usr/local/lib/windowsfidobridge.exe".
[2024-03-10 18:56:02.946] [linux-middleware] [debug] [Windows bridge child] Setting WSLENV environment variable to "WT_SESSION:WT_PROFILE_ID::WINDOWS_FIDO_BRIDGE_DEBUG:WINDOWS_FIDO_BRIDGE_FORCE_USER_VERIFICATION".
[2024-03-10 18:56:02.946] [linux-middleware] [debug] [Windows bridge child] Execing.
[2024-03-10 18:56:02.972] [win32-bridge] [debug] Received CBOR from caller: {"request_parameters": {"alg": 0, "application": "ssh:", "challenge": b"a9a7c5ab443d52c7c10e57c815ad4c6a14a3a7531f9ba3c417e7d2ee76b67a15", "flags": 1, "sk_options": []}, "request_type": "sk_enroll"}
[2024-03-10 18:56:02.986] [win32-bridge] [debug] Spawning background thread
[2024-03-10 18:56:30.937] [win32-bridge] [debug] Parsing CBOR attestation object
[2024-03-10 18:56:30.937] [win32-bridge] [debug] Map keys in CBOR attestation object: ["attStmt", "authData", "fmt"]
[2024-03-10 18:56:30.937] [win32-bridge] [debug] Attestation object format: "none"
[2024-03-10 18:56:30.937] [win32-bridge] [critical] Failed to parse attestation object: Invalid or unknown attestation object format
[2024-03-10 18:56:30.937] [win32-bridge] [debug] Sending CBOR to caller: {"return_code": -1}
[2024-03-10 18:56:30.938] [linux-middleware] [debug] Reply received from child process:
[2024-03-10 18:56:30.938] [linux-middleware] [debug] | 0 1 2 3 4 5 6 7 8 9 a b c d e f
[2024-03-10 18:56:30.938] [linux-middleware] [debug] | 0000: a1 6b 72 65 74 75 72 6e 5f 63 6f 64 65 20 .kreturn_code
[2024-03-10 18:56:30.938] [linux-middleware] [debug] Waiting for child process to exit.
[2024-03-10 18:56:30.945] [linux-middleware] [debug] Received CBOR from bridge: {"return_code": -1}
[2024-03-10 18:56:30.945] [linux-middleware] [debug] Bridge return code: -1
from windows-fido-bridge.
I think it's a hardware issue. For example, going to this website (webauthn.io) and selecting the "security key" advanced option leads to this pop-up:
So the issue could be due to the device not supporting security keys.
from windows-fido-bridge.
Related Issues (20)
- signing failed for ECDSA-SK: invalid format HOT 2
- Ed25519 Support HOT 5
- Create a new release HOT 2
- fatal error: span: No such file or directory HOT 4
- Cmake compile options SK_API_VERSION syntax HOT 2
- Resident Keys Support? HOT 7
- Support tunneling over remote desktop
- Windows Hello support HOT 1
- Using the bridge on Windows 11 is slow HOT 3
- FIDO fails when requests to confirm on ssh, but works fine for ssh-keygen HOT 1
- Provider "libwindowsfidobridge.so" dlopen failed: Exec format error HOT 1
- Not being prompted to enter pin to connect to a remote ssh server
- implements unsupported version 0x00070000 (supported: 0x00090000) HOT 11
- Missing dependencies on WSL based on ubuntu HOT 1
- Doesn't work anymore after upgrading WSL to 22.04 HOT 1
- [Feature Request] Support OpenSSH 9.1 HOT 1
- Strip debug data from dll
- Cannot do ssh signing HOT 1
- signing failed for ECDSA-SK - requested feature not supported HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from windows-fido-bridge.