
Having difficulty getting SSH with a YubiKey working on macOS Monterey

Tags:

yubico

yubikey

I'm following the FIDO U2F instructions on https://developers.yubico.com/SSH/ on macOS Monterey with OpenSSH 8.6 and run into the following issue:

~ ssh-keygen -t ecdsa-sk -f ~/.ssh/id_ecdsa_sk
Generating public/private ecdsa-sk key pair.
You may need to touch your authenticator to authorize key generation.
Key enrollment failed: unknown or unsupported key type

Anyone know what I'm missing here?

Narsail asked Jul 29 '21 09:07


People also ask

Does YubiKey work with Mac?

Securely log in to macOS with the YubiKey, a powerful security key, by using the native smart card (PIV) mode. These methods help better create the ideal ecosystem for a password-less future.

How does YubiKey work with SSH?

A YubiKey with OpenPGP can be used for logging in to remote SSH servers. In this setup, the Authentication subkey of an OpenPGP key is used as an SSH key to authenticate against a server. To ensure that the only way to log in is by using your YubiKey we recommend disabling password login on your SSH server.


1 Answer

Use Homebrew's OpenSSH

$ brew install openssh

Once installed, you have to override the one in your PATH by putting the openssh folder at the beginning of your PATH in your rc file, like this:

$ export PATH="$(brew --prefix openssh)/bin:$PATH"

Once you've done that and you've sourced your rc file, you should be able to generate your key.

Tested on macOS Monterey and OpenSSH_8.8p1, OpenSSL 1.1.1l.

Mattia Righetti answered Oct 08 '22 14:10
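
To confirm that the PATH override took effect, the following added example (not part of the answer above) checks that every OpenSSH client tool resolves to the same prefix under a given PATH. The function names and the tool list are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: verify that a PATH override makes every OpenSSH client
# tool resolve to one prefix (for instance "$(brew --prefix openssh)").
# Function names and the tool list are illustrative assumptions.

# Tools involved in creating and using a security-key-backed SSH key.
OPENSSH_TOOLS="ssh ssh-keygen ssh-add ssh-agent"

# resolve_tool TOOL PATH_STRING
# Prints the file TOOL resolves to when PATH is PATH_STRING,
# or nothing if it is not found.
resolve_tool() {
    ( PATH="$2"; command -v "$1" 2>/dev/null ) || true
}

# tools_outside_prefix PREFIX PATH_STRING
# Prints "tool=resolved_path" for each tool that does NOT resolve to
# PREFIX/bin. Empty output means every tool comes from PREFIX.
tools_outside_prefix() {
    prefix="${1%/}"
    for tool in $OPENSSH_TOOLS; do
        resolved="$(resolve_tool "$tool" "$2")"
        case "$resolved" in
            "$prefix/bin/$tool") ;;               # expected binary
            "") echo "$tool=NOT_FOUND" ;;         # missing from PATH
            *)  echo "$tool=$resolved" ;;         # shadowed by another copy
        esac
    done
}

# Typical use after editing the rc file and opening a new shell:
#   tools_outside_prefix "$(brew --prefix openssh)" "$PATH"
```

Any line of output names a tool that is still being picked up from a different directory, which means the new PATH entry is not first or the rc file has not been sourced in that shell.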