Skip to content

Instantly share code, notes, and snippets.

@joostd

joostd/build-libsk-libfido2.sh

Last active February 11, 2024 13:35
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save joostd/efcd4abaa11304479aac7f322630b16d to your computer and use it in GitHub Desktop.
Save joostd/efcd4abaa11304479aac7f322630b16d to your computer and use it in GitHub Desktop.
Download ZIP
build libsk-libfido2 for use with Apple's build of OpenSSH on MacOS
Raw
build-libsk-libfido2.sh
# See https://gist.github.com/thelastlin/c45b96cf460919e39ab5807b6d20ac2a
set -e
# get source
if [[ ! -d openssh-portable ]] ; then
git clone https://github.com/openssh/openssh-portable.git
fi
cd openssh-portable
# patch
if [[ ! -f workaround-standalone-libsk.patch ]] ; then
wget https://gist.githubusercontent.com/thelastlin/c45b96cf460919e39ab5807b6d20ac2a/raw/d84ee70a8f0d8cf846ae8b9f1fa6a4071797123e/workaround-standalone-libsk.patch
patch < workaround-standalone-libsk.patch
fi
# use OpenSSL from brew
export LDFLAGS="-L/opt/homebrew/opt/openssl@1.1/lib"
export CPPFLAGS="-I/opt/homebrew/opt/openssl@1.1/include"
export PKG_CONFIG_PATH="/opt/homebrew/opt/openssl@1.1/lib/pkgconfig"
autoreconf
./configure
export LDFLAGS="$(grep ^LDFLAGS= Makefile|cut -d= -f2-)"
export LIBFIDO2="$(grep ^LIBFIDO2= Makefile|cut -d= -f2-)"
export CC="$(grep ^CC= Makefile|cut -d= -f2-)"
# build
make libssh.a CFLAGS="-O2 -fPIC"
make openbsd-compat/libopenbsd-compat.a CFLAGS="-O2 -fPIC"
make sk-usbhid.o CFLAGS="-O2 -DSK_STANDALONE -fPIC"
echo $LIBFIDO2 | xargs ${CC} -shared openbsd-compat/libopenbsd-compat.a sk-usbhid.o libssh.a -O2 -fPIC -o libsk-libfido2.so
# install
sudo cp libsk-libfido2.so /usr/local/lib/
# test
/usr/bin/ssh-keygen -t ecdsa-sk -f ./id -N "" -w /usr/local/lib/libsk-libfido2.so
SSH_SK_PROVIDER=/usr/local/lib/libsk-libfido2.so /usr/bin/ssh -T git@github.com
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment