On Tue, Nov 08, 2022 at 04:57:40PM +0200, Rogan Dawes wrote: > I have created an SSH private key in my M1 Mac's Secure Enclave, and am > using it to SSH to various targets. Those using OpenSSH work fine, and I am > prompted to unlock the SE. However, those using dropbear do not work, > giving me the following result on the client: > > debug1: Offering public key: ecdsa-sha2-nistp256 ECDSA SHA256:XXX agent
> The targets that I have available are OpenWrt 21.02.1 running Dropbear > v2020.81 and 22.03.0 running Dropbear v2022.82. Ah, OpenWRT doesn't include ecdsa support (for size reasons) - only remembered that now. You'll have to use rsa or ed25519 instead if possible. It's possible to rebuild their package with the DROPBEAR_ECC openwrt config option. Cheers, Matt