Public bug reported:
I'm trying to create a resident key on my (SOMU) fido2 key using the
following command:
$ ssh-keygen -t ed25519-sk -O resident -f ~/.ssh/somu_id -O verify-required
Generating public/private ed25519-sk key pair.
You may need to touch your authenticator to authorize key generation.
Enter PIN for authenticator:
/usr/lib/openssh/ssh-sk-helper: error while loading shared libraries:
libcbor.so.0: cannot open shared object file: No such file or directory
ssh_msg_recv: read header: Connection reset by peer
client_converse: receive: unexpected internal error
reap_helper: helper exited with non-zero exit status
Key enrollment failed: unexpected internal error
To start, /usr/lib/openssh/ssh-sk-helper references the shared library
libcbor by libcbor.so.0, which is not created by the libcbor0.8 package.
After creating a symbolic link for libcbor.so.0 to libcbor.so.0.8, ssh-
sk-helper continues, but now fails on an undefined symbol:
fido_cred_set_clientdata:
$ ssh-keygen -t ed25519-sk -O resident -f ~/.ssh/somu_id
Generating public/private ed25519-sk key pair.
You may need to touch your authenticator to authorize key generation.
Enter PIN for authenticator:
/usr/lib/openssh/ssh-sk-helper: symbol lookup error:
/usr/lib/openssh/ssh-sk-helper: undefined symbol: fido_cred_set_clientdata
ssh_msg_recv: read header: Connection reset by peer
client_converse: receive: unexpected internal error
reap_helper: helper exited with non-zero exit status
Key enrollment failed: unexpected internal error
Which is confirmed by the output of ldd:
$ ldd -r /usr/lib/openssh/ssh-sk-helper
linux-vdso.so.1 (0x00007ffe4af2e000)
libcrypto.so.3 => /lib/x86_64-linux-gnu/libcrypto.so.3
(0x00007fb8621e7000)
libfido2.so.1 => /usr/local/lib/libfido2.so.1 (0x00007fb8621bd000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fb861f95000)
libcbor.so.0 => /lib/x86_64-linux-gnu/libcbor.so.0 (0x00007fb861f87000)
libcrypto.so.1.1 => /lib/x86_64-linux-gnu/libcrypto.so.1.1
(0x00007fb861cac000)
libudev.so.1 => /lib/x86_64-linux-gnu/libudev.so.1 (0x00007fb861c82000)
/lib64/ld-linux-x86-64.so.2 (0x00007fb862672000)
undefined symbol: fido_cred_set_clientdata (/usr/lib/openssh/ssh-sk-helper)
undefined symbol: fido_dev_get_touch_status (/usr/lib/openssh/ssh-sk-helper)
undefined symbol: fido_cred_set_prot (/usr/lib/openssh/ssh-sk-helper)
undefined symbol: fido_assert_set_clientdata (/usr/lib/openssh/ssh-sk-helper)
undefined symbol: fido_cred_prot (/usr/lib/openssh/ssh-sk-helper)
undefined symbol: fido_dev_supports_cred_prot (/usr/lib/openssh/ssh-sk-helper)
undefined symbol: fido_dev_get_touch_begin (/usr/lib/openssh/ssh-sk-helper)
** Affects: openssh (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1987736
Title:
ssh-sk-helper undefined symbol fido_cred_set_clientdata
Status in openssh package in Ubuntu:
New
Bug description:
I'm trying to create a resident key on my (SOMU) fido2 key using the
following command:
$ ssh-keygen -t ed25519-sk -O resident -f ~/.ssh/somu_id -O verify-required
Generating public/private ed25519-sk key pair.
You may need to touch your authenticator to authorize key generation.
Enter PIN for authenticator:
/usr/lib/openssh/ssh-sk-helper: error while loading shared libraries:
libcbor.so.0: cannot open shared object file: No such file or directory
ssh_msg_recv: read header: Connection reset by peer
client_converse: receive: unexpected internal error
reap_helper: helper exited with non-zero exit status
Key enrollment failed: unexpected internal error
To start, /usr/lib/openssh/ssh-sk-helper references the shared library
libcbor by libcbor.so.0, which is not created by the libcbor0.8
package. After creating a symbolic link for libcbor.so.0 to
libcbor.so.0.8, ssh-sk-helper continues, but now fails on an undefined
symbol: fido_cred_set_clientdata:
$ ssh-keygen -t ed25519-sk -O resident -f ~/.ssh/somu_id
Generating public/private ed25519-sk key pair.
You may need to touch your authenticator to authorize key generation.
Enter PIN for authenticator:
/usr/lib/openssh/ssh-sk-helper: symbol lookup error:
/usr/lib/openssh/ssh-sk-helper: undefined symbol: fido_cred_set_clientdata
ssh_msg_recv: read header: Connection reset by peer
client_converse: receive: unexpected internal error
reap_helper: helper exited with non-zero exit status
Key enrollment failed: unexpected internal error
Which is confirmed by the output of ldd:
$ ldd -r /usr/lib/openssh/ssh-sk-helper
linux-vdso.so.1 (0x00007ffe4af2e000)
libcrypto.so.3 => /lib/x86_64-linux-gnu/libcrypto.so.3
(0x00007fb8621e7000)
libfido2.so.1 => /usr/local/lib/libfido2.so.1 (0x00007fb8621bd000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fb861f95000)
libcbor.so.0 => /lib/x86_64-linux-gnu/libcbor.so.0
(0x00007fb861f87000)
libcrypto.so.1.1 => /lib/x86_64-linux-gnu/libcrypto.so.1.1
(0x00007fb861cac000)
libudev.so.1 => /lib/x86_64-linux-gnu/libudev.so.1
(0x00007fb861c82000)
/lib64/ld-linux-x86-64.so.2 (0x00007fb862672000)
undefined symbol: fido_cred_set_clientdata
(/usr/lib/openssh/ssh-sk-helper)
undefined symbol: fido_dev_get_touch_status
(/usr/lib/openssh/ssh-sk-helper)
undefined symbol: fido_cred_set_prot (/usr/lib/openssh/ssh-sk-helper)
undefined symbol: fido_assert_set_clientdata
(/usr/lib/openssh/ssh-sk-helper)
undefined symbol: fido_cred_prot (/usr/lib/openssh/ssh-sk-helper)
undefined symbol: fido_dev_supports_cred_prot
(/usr/lib/openssh/ssh-sk-helper)
undefined symbol: fido_dev_get_touch_begin
(/usr/lib/openssh/ssh-sk-helper)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1987736/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
