Page MenuHomePhorge

Support for FIDO2-backed SSH keys
Closed, ObsoletePublic

Asked by antonia on Dec 6 2023, 13:48.


Phorge does not accept ssh keys of type or, which are keys backed by a FIDO2 token. This is easily solvable by just adding them to src/applications/auth/sshkey/PhabricatorAuthSSHPublicKey.php. An even better solution could be querying the ssh server with ssh -Q key to get the list of supported keytypes.


Updated 195 Days Ago

Looks like the original list was added in November 2013, and the -Q feature was only being introduced.

Also, the original diff says "If we end up with more than like 5 of these we should probably make this a warning or something instead, the only goal is to prevent user error."...

Update: says we support ssh 6.2 or later, and -Q was added in 6.3, so that would need to be updated too.

Updated 162 Days Ago

Thanks again for the question that was escalated to a patch here:

D25508: Add support for FIDO2-backed SSH keys

New Answer


This question has been marked as closed, but you can still leave a new answer.