Introduce

Fast ID Online

FIDO (Fast ID Online) is a set of technology-agnostic security specifications for strong authentication. FIDO is developed by the FIDO Alliance, a non-profit organization formed in 2012.

  1. https://fidoalliance.org/
  2. https://www.w3.org/Webauthn/
  3. http://searchsecurity.techtarget.com/definition/FIDO-Fast-Identity-Online

Library

  1. https://github.com/Yubico/pam-u2f
  2. https://github.com/Yubico/php-u2flib-server
  3. https://github.com/Yubico/python-u2flib-server
  4. https://github.com/Yubico/wordpress-u2f
  5. https://github.com/Yubico/libu2f-host
  6. https://github.com/Yubico/libfido2
  7. https://github.com/Yubico/java-u2flib-server
  8. https://github.com/google/u2f-ref-code

Products

  1. https://www.secureblackbox.com/
  2. https://www.rcdevs.com/products/openotp/

OpenSSH

OpenSSH(from 8.2), the internet's most popular utility for managing remote servers, has added today support for the FIDO/U2F protocol.

与 FIDO 相关的SSH登陆算法一共4种:

  • sk-ecdsa-sha2-nistp256@openssh.com
  • sk-ecdsa-sha2-nistp256-cert-v01@openssh.com
  • sk-ssh-ed25519@openssh.com
  • sk-ssh-ed25519-cert-v01@openssh.com

FIDO U2F 使用 P-256 算法,而 FIDO2 使用 ED25519 算法。

Reference

  1. https://fidoalliance.org/assets/downloads/FIDO-U2F-UAF-Tutorial-v1.pdf
  2. https://www.zdnet.com/article/openssh-adds-support-for-fidou2f-security-keys/ - OpenSSH adds support for FIDO/U2F security keys