background0: I'm trying to implement hardware SSH key suport for age background1: It's my first time using Go and FIDO, Go is easy
So I want to know if it is possible to decrypt the SSH identity and get the cryptographic part, just like the result when decoding normal SSH private key. I know this must need to communicate with FIDO hardware, by using "key_handle". I found three function in OpenSSH's sk-api.h: sk_enroll /* Enroll a U2F key (private key generation) */ sk_sign /* Sign a challenge */ sk_load_resident_keys /* Enumerate all resident keys */ The usage of first and third one is quite easy to understand, but what about the second one? Is that what I want? ~digua