From 3e0d6c764686eb1c4bd502d61afebfd2b3a25a6f Mon Sep 17 00:00:00 2001 From: Yubi-David Date: Tue, 3 May 2022 11:38:55 -0500 Subject: [PATCH 1/2] Update Securing_SSH_with_FIDO2.adoc Updated language to note Apple has disabled FIDO2 authentication on the bundled version of OpenSSH on MacOS. --- content/SSH/Securing_SSH_with_FIDO2.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/SSH/Securing_SSH_with_FIDO2.adoc b/content/SSH/Securing_SSH_with_FIDO2.adoc index d7b1656ab..5006a7dda 100644 --- a/content/SSH/Securing_SSH_with_FIDO2.adoc +++ b/content/SSH/Securing_SSH_with_FIDO2.adoc @@ -4,7 +4,7 @@ Staring with 8.2p1, OpenSSH has added support for registering and authenticating Configuring OpenSSH to support FIDO2 credentials requires configuration on both the client and server. Further, slightly different settings are required depending if a Discoverable or Non-Discoverable credential is being used. -OpenSSH with support for FIDO2 credentials is avalible on Linux and MacOS, but not yet on Windows. +OpenSSH with support for FIDO2 credentials is avalible on Linux, but not yet on Windows. MacOS does not currently support FIDO2 credentials in the bundled version of OpenSSH, but this feature may be enabled via installing OpenSSH via homebrew. == Discoverable vs Non-Discoverable Credentials Before configurating an OpenSSH server or Client for FIDO2 credentials, the decision must be reached as whether to use Discoverable or Non-Discoverable credentials. Either option has different strengths, and the best option depends on the environment SSH is being used in. From 8ee6a15034913466cc8a66a1d6a0d45eeda822ff Mon Sep 17 00:00:00 2001 From: Yubi-David Date: Tue, 3 May 2022 11:40:42 -0500 Subject: [PATCH 2/2] Update index.adoc --- content/SSH/index.adoc | 1 + 1 file changed, 1 insertion(+) diff --git a/content/SSH/index.adoc b/content/SSH/index.adoc index 1224d64a4..13fe491e0 100644 --- a/content/SSH/index.adoc +++ b/content/SSH/index.adoc @@ -55,6 +55,7 @@ The Security Key by Yubico and the YubiKey Bio Keys support authenticating to SS .Cons: * Not supported on Windows as of the last update to this page +* Disabled by Apple on the bundled version of OpenSSH in MacOS as of the last update to this page. * No credential management support as of the last update to this page Follow the link:/SSH/Securing_SSH_with_FIDO2.html[step-by-step configuration instructions to enable SSH authentication with the YubiKey and FIDO2]