Skip to content
/ posh-ssh-sk-attestation-tool Public

Validates OpenSSH Attestation files, and extracts the public key.

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

WillSmartYubico/posh-ssh-sk-attestation-tool

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
readme.md
readme.md
 
 
ssh-sk-attestation-tools.ps1
ssh-sk-attestation-tools.ps1
 
 

Repository files navigation

Requirements

  • Requires System.Formats.Cbor unzipped to the current directory: https://www.nuget.org/packages/System.Formats.Cbor
  • Only tested with powershell core (7.2)
  • Only works with sk-ssh-ed25519 keys
  • requires attestation.bin and challengefile in the current directory.
  • the ssh-keygen command will create ed25519-sk and ed25519-sk.pub - neither of these files are necessary to evaluate the attestation.
  • the attestation script will generate sk.pub
  • Only supports the default application "ssh:"

Running

  1. Create a Challenge File - can be anything that isn't null, save it as challengefile get-date | Set-Content challengefile
  2. Create a new ed25519 key with provided challenge: ssh-keygen -t ed25519-sk -f ed25519-sk -O challenge=challengefile -O write-attestation=attestation.bin
  3. Run the script ./ssh-sk-attestation-tools.ps1

About

Validates OpenSSH Attestation files, and extracts the public key.

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages