Are you using a FIDO2 security key for logging into your website? You can use that same security key for logging into your SSH servers in Terminalski.
Overall process of setting this up is the same as generating 'ECDSA-SK' or 'Ed25519-SK' private keys in OpenSSH. However, unlike OpenSSH, Terminalski will make use of Windows Hello for accessing FIDO2 security keys. The following outlines the process.
Please note that Terminalski uses the same file format as OpenSSH. Hence if you already have *-SK private keys for OpenSSH, you can simply copy them to Terminalski Home Folder (ssh\keys) and use them without any modifications. OpenSSH clients should also be able to directly use the *-SK private keys generated in Terminalski.
Open 'Private Keys' window
Generate a new 'ECDSA-SK' or 'Ed25519-SK' private key
| ECDSA-SK |
When you select 'ECDSA-SK' and click 'Generate' in Windows 11, instead of an external FIDO2 security key, your computer is selected as a default storage option for Windows Hello. Using this default setting should not cause any problems; you might even prefer this option as you can seamlessly use Windows built-in security features such as fingerprint for accessing your new ECDSA-SK private key without requiring any external FIDO2 security key hardware. However, please keep in mind that you cannot import or export the private key stored on your computer; you can access the private key only from the same computer when you are logged in with the same Windows user account. If you are using Windows 10, you must use an external device that supports ECDSA private keys such as FIDO2 security keys. |
| Ed25519-SK |
Windows 10/11 does not support storing Ed25519 private keys on a local computer for Windows Hello, hence you need an external device that supports it such as FIDO2 security keys. |
Update your SSH 'publickey' user authentication
Once you have your new *-SK private key file, you can use it like a traditional private key file for SSH 'publickey' user authentication. Hence, you simply need to copy the public key to Windows clipboard and paste it to ~/.ssh/authorized_keys file on your SSH server. The following post has more detailed information about setting up the SSH 'publickey' user authentication:
