Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Compatibility of PIV Certificates with other agents #556

Open
dingwen07 opened this issue Jun 26, 2024 · 0 comments
Open

Compatibility of PIV Certificates with other agents #556

dingwen07 opened this issue Jun 26, 2024 · 0 comments

Comments

@dingwen07
Copy link

Description

When using a PIV certificate (RSA2048) stored in a YubiKey for SSH authentication, Secretive derives a different SSH key than other SSH agents like WinCrypt SSH Agent on Windows and TermBot on Android. Both of these agents gives the same SSH key starts with ssh-rsa, whereas Secretive derives a different key that begins with rsa-sha2-512.

Steps to Reproduce

  1. Configure a certificate on YubiKey 9a slot
  2. Install cert on Windows Certificate Store and use WinCrypt SSH Agent to check the public key
  3. Plug YubiKey into Mac and open Secretive and check the public key and fingerprint

Proposed Solution

Provide a compatibility mode in Secretive that will derive the same SSH Key as other agents

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant