Reputation: 723
Failing to generate ed25519-sk key pair | Key enrollment failed: unknown or unsupported key type
I am trying to generate ed25519-sk and ecdsa-sk keys using ssh-keygen on my Windows computer. I have OpenSSH OpenSSH_for_Windows_8.6p1, LibreSSL 3.4.3 installed and Yubikey Firmware version: 5.4.3. But, when I do ssh-keygen.exe -t ed25519-sk -C "[email protected]" I get below error
Generating public/private ed25519-sk key pair.
You may need to touch your authenticator to authorize key generation.
Key enrollment failed: unknown or unsupported key type
However, generating ecdsa key works fine.
Can anyone please let me know how generate ed25519-sk or ecdsa-sk keys to use with Yubikey and Gitlab?
Thanks in advance
Upvotes: 1
Views: 1437
Answers (1)
Reputation: 75
Late answer, but posting anyway as this is still relevant.
OpenSSH_for_Windows_8.6p1 does not support FIDO keys - you'll need V8.9.0.0p1-Beta or newer. See Win32-OpenSSH Releases
Of course, these days it is as easy as running:
winget install Microsoft.OpenSSH.Beta
Windows 11 23H2 shipped with OpenSSH_for_Windows_8.6p1. Perhaps they'll upgrade it for 24H2.
Upvotes: 1
Related Questions
- Signing raw SHA512 digest on my Yubikey - Returns invalid signature
- Go SSH Failed with host key mistmach
- Can the OpenSSH FIDO2 ssh key attestation data be used verify the key resides only a FIDO2 token (e.g. Yubikey)?
- Generate a DSA key pair with 2048 bit - add to the authorized_keys
- How do I get my Yubikey to work with SSH in Windows 10?
- Can I use pyNaCl sealed boxes with an existing openssh key pair?
- Java/Kotlin Output Ed25519 keypair as both JCE KeyPair instance and in OpenSSH format
- How to replicate the functionality of ssh-keygen using python