yubicoyubikey

Having difficulty to get SSH with a Yubikey working with macOS monterey


I'm following the FIDO U2F instructions on https://developers.yubico.com/SSH/ on macOS Monterey with openSSH 8.6 and run into the following issue:

~ ssh-keygen -t ecdsa-sk -f ~/.ssh/id_ecdsa_sk
Generating public/private ecdsa-sk key pair.
You may need to touch your authenticator to authorize key generation.
Key enrollment failed: unknown or unsupported key type

Anyone know what I'm missing here?


Solution

  • Use Homebrew's OpenSSH

    $ brew install openssh
    

    Once installed, you have to override the one in your PATH by putting the openssh folder at the beginning of your PATH in your rc file like this

    $ export PATH=$(brew --prefix openssh)/bin:$PATH
    

    Once you've done that and you've sourced your rc file you should be able to generate your key

    Tested on macOS Monterey and OpenSSH_8.8p1, OpenSSL 1.1.1l