From f7e799b8d910df72201096eb489f889990370981 Mon Sep 17 00:00:00 2001 From: bagajjal Date: Mon, 21 Mar 2022 18:10:30 -0700 Subject: [PATCH] Created FIDO / U2F usage (markdown) --- FIDO---U2F-usage.md | 51 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 FIDO---U2F-usage.md diff --git a/FIDO---U2F-usage.md b/FIDO---U2F-usage.md new file mode 100644 index 0000000..fa25251 --- /dev/null +++ b/FIDO---U2F-usage.md @@ -0,0 +1,51 @@ +FIDO/U2F is supported in win32-openssh V8.9.0.0+. + +* Make sure SYSTEM PATH environment variable has the Win32-OpenSSH V8.9.0.0+ folder path. + +* Please note, **V8.9.0.0 MSI installation** has a bug related to FIDO. Refer to https://github.com/PowerShell/Win32-OpenSSH/issues/1914. + +* Resident keys (SSH keys are stored on the hardware device). + * cd + * Create the resident keys + + `ssh-keygen.exe -t ecdsa-sk -f .\id-ecdsa-sk -O "resident"` + + * If you want to download the resident keys from the hardware device. Run in an **elevated administrator ** terminal. + + `ssh-keygen.exe -K` + + * copy the public key (`.\id_ecdsa-sk[].pub`) to authorized_keys file. + + * SSH connection must be successful + + `ssh.exe user@ip -i .\id_ecdsa-sk[]` + + * register with ssh-agent + + `ssh-add.exe .\id_ecdsa-sk[] + ssh-add.exe -L` + + * SSH connection must be successful + + `ssh.exe user@ip` + +* Non-resident keys (keys not stored on the hardware device) + * cd + * Create the non-resident keys + + `ssh-keygen.exe -t ecdsa-sk -f .\id-ecdsa-sk` + + * copy the public key (`.\id_ecdsa-sk.pub`) to authorized_keys file. + + * SSH connection must be successful + + `ssh.exe user@ip -i .\id_ecdsa-sk` + + * register with ssh-agent + + `ssh-add.exe .\id_ecdsa-sk + ssh-add.exe -l` + + * SSH connection must be successful + + `ssh.exe user@ip` \ No newline at end of file
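Review bot: The key file name changes between the creation step and the steps that use it. In the non-resident list, `ssh-keygen.exe -t ecdsa-sk -f .\id-ecdsa-sk` writes `id-ecdsa-sk` and `id-ecdsa-sk.pub` (hyphen after `id`), but the copy, `ssh.exe -i` and `ssh-add.exe` steps all reference `.\id_ecdsa-sk` (underscore), so following the page verbatim ends in a missing-file error. The resident list has the same hyphen/underscore split; please use one spelling throughout and state the actual name of the files that `ssh-keygen.exe -K` produces instead of `id_ecdsa-sk[]`. The empty `[]` and the bare `* cd` bullets in both lists read like placeholders that lost their content (if they were written in angle brackets, Markdown will have swallowed them), so put the placeholder inside backticks or escape it. Both `ssh-add.exe` pairs sit in one inline code span broken across two lines, which renders as a single run-on command; split them into two spans or a fenced block. The listing flag is `-L` in the resident list and `-l` in the non-resident list; pick one, or say why they differ. In `**elevated administrator **` the space before the closing asterisks stops the bold from rendering. "SSH connection must be successful" would be clearer as an explicit verification step that also says a touch on the security key is expected. The file also lacks a trailing newline.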