Public bug reported: I'm trying to create a resident key on my (SOMU) fido2 key using the following command:
$ ssh-keygen -t ed25519-sk -O resident -f ~/.ssh/somu_id -O verify-required Generating public/private ed25519-sk key pair. You may need to touch your authenticator to authorize key generation. Enter PIN for authenticator: /usr/lib/openssh/ssh-sk-helper: error while loading shared libraries: libcbor.so.0: cannot open shared object file: No such file or directory ssh_msg_recv: read header: Connection reset by peer client_converse: receive: unexpected internal error reap_helper: helper exited with non-zero exit status Key enrollment failed: unexpected internal error To start, /usr/lib/openssh/ssh-sk-helper references the shared library libcbor by libcbor.so.0, which is not created by the libcbor0.8 package. After creating a symbolic link for libcbor.so.0 to libcbor.so.0.8, ssh- sk-helper continues, but now fails on an undefined symbol: fido_cred_set_clientdata: $ ssh-keygen -t ed25519-sk -O resident -f ~/.ssh/somu_id Generating public/private ed25519-sk key pair. You may need to touch your authenticator to authorize key generation. Enter PIN for authenticator: /usr/lib/openssh/ssh-sk-helper: symbol lookup error: /usr/lib/openssh/ssh-sk-helper: undefined symbol: fido_cred_set_clientdata ssh_msg_recv: read header: Connection reset by peer client_converse: receive: unexpected internal error reap_helper: helper exited with non-zero exit status Key enrollment failed: unexpected internal error Which is confirmed by the output of ldd: $ ldd -r /usr/lib/openssh/ssh-sk-helper linux-vdso.so.1 (0x00007ffe4af2e000) libcrypto.so.3 => /lib/x86_64-linux-gnu/libcrypto.so.3 (0x00007fb8621e7000) libfido2.so.1 => /usr/local/lib/libfido2.so.1 (0x00007fb8621bd000) libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fb861f95000) libcbor.so.0 => /lib/x86_64-linux-gnu/libcbor.so.0 (0x00007fb861f87000) libcrypto.so.1.1 => /lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007fb861cac000) libudev.so.1 => /lib/x86_64-linux-gnu/libudev.so.1 (0x00007fb861c82000) /lib64/ld-linux-x86-64.so.2 (0x00007fb862672000) undefined symbol: fido_cred_set_clientdata (/usr/lib/openssh/ssh-sk-helper) undefined symbol: fido_dev_get_touch_status (/usr/lib/openssh/ssh-sk-helper) undefined symbol: fido_cred_set_prot (/usr/lib/openssh/ssh-sk-helper) undefined symbol: fido_assert_set_clientdata (/usr/lib/openssh/ssh-sk-helper) undefined symbol: fido_cred_prot (/usr/lib/openssh/ssh-sk-helper) undefined symbol: fido_dev_supports_cred_prot (/usr/lib/openssh/ssh-sk-helper) undefined symbol: fido_dev_get_touch_begin (/usr/lib/openssh/ssh-sk-helper) ** Affects: openssh (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1987736 Title: ssh-sk-helper undefined symbol fido_cred_set_clientdata Status in openssh package in Ubuntu: New Bug description: I'm trying to create a resident key on my (SOMU) fido2 key using the following command: $ ssh-keygen -t ed25519-sk -O resident -f ~/.ssh/somu_id -O verify-required Generating public/private ed25519-sk key pair. You may need to touch your authenticator to authorize key generation. Enter PIN for authenticator: /usr/lib/openssh/ssh-sk-helper: error while loading shared libraries: libcbor.so.0: cannot open shared object file: No such file or directory ssh_msg_recv: read header: Connection reset by peer client_converse: receive: unexpected internal error reap_helper: helper exited with non-zero exit status Key enrollment failed: unexpected internal error To start, /usr/lib/openssh/ssh-sk-helper references the shared library libcbor by libcbor.so.0, which is not created by the libcbor0.8 package. After creating a symbolic link for libcbor.so.0 to libcbor.so.0.8, ssh-sk-helper continues, but now fails on an undefined symbol: fido_cred_set_clientdata: $ ssh-keygen -t ed25519-sk -O resident -f ~/.ssh/somu_id Generating public/private ed25519-sk key pair. You may need to touch your authenticator to authorize key generation. Enter PIN for authenticator: /usr/lib/openssh/ssh-sk-helper: symbol lookup error: /usr/lib/openssh/ssh-sk-helper: undefined symbol: fido_cred_set_clientdata ssh_msg_recv: read header: Connection reset by peer client_converse: receive: unexpected internal error reap_helper: helper exited with non-zero exit status Key enrollment failed: unexpected internal error Which is confirmed by the output of ldd: $ ldd -r /usr/lib/openssh/ssh-sk-helper linux-vdso.so.1 (0x00007ffe4af2e000) libcrypto.so.3 => /lib/x86_64-linux-gnu/libcrypto.so.3 (0x00007fb8621e7000) libfido2.so.1 => /usr/local/lib/libfido2.so.1 (0x00007fb8621bd000) libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fb861f95000) libcbor.so.0 => /lib/x86_64-linux-gnu/libcbor.so.0 (0x00007fb861f87000) libcrypto.so.1.1 => /lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007fb861cac000) libudev.so.1 => /lib/x86_64-linux-gnu/libudev.so.1 (0x00007fb861c82000) /lib64/ld-linux-x86-64.so.2 (0x00007fb862672000) undefined symbol: fido_cred_set_clientdata (/usr/lib/openssh/ssh-sk-helper) undefined symbol: fido_dev_get_touch_status (/usr/lib/openssh/ssh-sk-helper) undefined symbol: fido_cred_set_prot (/usr/lib/openssh/ssh-sk-helper) undefined symbol: fido_assert_set_clientdata (/usr/lib/openssh/ssh-sk-helper) undefined symbol: fido_cred_prot (/usr/lib/openssh/ssh-sk-helper) undefined symbol: fido_dev_supports_cred_prot (/usr/lib/openssh/ssh-sk-helper) undefined symbol: fido_dev_get_touch_begin (/usr/lib/openssh/ssh-sk-helper) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1987736/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp