tabby
tabby copied to clipboard
SSH - 2FA (ecdsa-sk) - Yubikey - Not working
Situation:
Private key encrypted with Yubikey as 2-factor solution (ssh-keygen -t ecdsa-sk -f ~/.ssh/id_ecdsa_sk
). So steps will be;
- SSH to server
- Fill in private key passphrase
- Physically touch Yubikey
Example auth flow from CLI:
$ ssh [email protected]
Enter passphrase for key 'private':
Confirm user presence for key ECDSA-SK SHA256:X7I[...SNIP...]TF0
Last login: Thu Oct 28 14:40:56 2021 from 10.0.1.10
[email protected]:~$
Situation when using Tabby 'Profiles & connections'. Asks passphrase for the private key, but keeps asking it over and over, not asking for the second factor Yubikey needed.
SSH Connecting to 10.0.0.1
SSH Host key fingerprint:
SSH SHA256 e545[...SNIP...]ee876
SSH Loading private key
SSH X Could not read the private key file
SSH X KeyParseError: Failed to parse (unnamed) as a valid auto format key: Unknown algorithm [email protected]
X All configured authentication methods failed
Please have a look at this, would be cool if it works like a charm!
There's no support for -sk
keys / Yubikey at the moment unfortunately.
so uh i have a ppk ssh private key using the encryption type RSA 2048 without any passphrase Tabby asks for key passphrase What is the catch here? Termius works totally fine
Same issue. Tested a rsa key with a passphrase and it works, same without a passphrase and Tabby still prompts for the passphrase. No way to get around the prompt.
Same issue here.
After checked the code, I think this bug may be caused by upstream package ssh2
which lacks the -sk
keys support. We may need to create a new issue in the package's repository to let the author know the necessity to support -sk
private key.