Nitrokey FIDO2/Solokey


  1. Please let me know, what is the difference between current Nitrokey FIDO2, SoloKey?
    If trying to do it yourself then it would require an STM controller which costs about $20 on cheap stores like AliExpress?

When are they going to support OpenSSH command:
ssh-keygen -t ecdsa-sk
Recently I tried that “nice and shiny” Feitian K9B FIDO2, and it does NOT work with OpenSSH.
It reports a protocol error after button on the token is touched.
I tried two such FIDO2 token without any success :frowning:

  1. I guess GNUK2 is a different thing? It is similar to NitroKey Start?
    It can be done yourself using a very cheap hardware like STLinks for $5 per a piece?
  1. Our complete hardware design files, including Nitrokey FIDO2, are on Github.
  2. There are a couple of differences, which could be seen by comparing the codebases. We use slightly different hardware, and firmware. We have audited it as well, and supplied patches (downgrade protection, PIN hashing etc.). We plan to add some additional features as well, like Nitrokey Webcrypt. With time the differences list will be longer.
  3. OpenSSH 8.2 is working already with Nitrokey FIDO2. It’s support requires implementing the latest FIDO2 specification, which was out of draft just couple of months ago. Devices with older firmware does not support the new commands needed.
  4. What is GNUK2?
  5. Yes, GNUK can be run on a couple of platforms, specifically the cheap dongles you mention.

GNUK version 2.2, sorry for making confusion.

Is it version FIDO2 rev 2.1 or even more fresh revision?

My Feitian K9B indicated following:
version strings: U2F_V2, FIDO_2_0, FIDO_2_1_PRE

Well, at least it works with browsers which is also good.

The latest one is 1.2.15, hence my confusion. Do you mean some other product or fork?
Anyway regarding differences for Nitrokey Start, we have multiple identities support released recently, which makes one device handling three completely separate virtual smart cards (separate PIN, separate data etc.).

I think there were some changes between 2.1 (pre) and the actual 2.1 release. I would ask them about that :slight_smile:

May be v2.2 was a version of PGP Card specification inside GNUK I was referring to or even desktop GnuPG 2.2 :), sorry for my mistakes related to GNUK in this topic, I will look into this again later during sorting links to different web sites related to secure cards for opensc.

According to Debian page:

Gnuk is an implementation of USB cryptographic token for GNU Privacy Guard. Gnuk supports OpenPGP card protocol version 3, and it runs on STM32F103 processor.

1 Like

Does your Nitrokey FIDO2 already support everything mentioned at:
For example: no-touch-required and resident keys.

Will you support in your newer firmwares further progress or FIDO2 standard & OpenSSH evolution?

I still did not learn the whole principle of work of FIDO2 and OpenSSH plugin for it.
When using FIDO2 token together with OpenSSH, is any private key material being stored beyond FIDO2 token on the disk of the host computer (may be encrypted by FIDO2 own non extractable key)? Can such material be leaked by side channels like emission?
Is then FIDO2 in this term significantly worse than keeping not extractable SSH keys in the NK PRO2 than partially in FIDO2?

There is an instruction of how to use a relatively old 1st generation U2F token (not FIDO2) with SSH portable:

How is it possible my token from 2019 does not work with SSH? Shall not it implement at least old U2F interface together with a new FIDO2 interface?

How can I force FIDO2 token to work in U2F mode with OpenSSH?

I think so. No-touch is FIDO2 specification part I believe, as are RK. Do you think of something particular?

What do you mean by OpenSSH evolution? It was supposed to work on FIDO2. Updates of the latter are planned.

It’s based on RK AFAIK, which is literally storing a key and calculating signature. Whether it’s safe it depends on the threat model.

Please ask OpenSSH team about details.