Conflict with multiple U2F keys with the same private key
Summary
I have two hardware wallets that allow U2F/FIDO2 login on Gitlab.com:
- Trezor One
- Trezor Model T
Both have the same private key inside (with the same secret words).
However, Gitlab.com only allows me to log in with one of the keys (the one that was initially configured). And when I try to add the second key, it shows an error: "key is already added".
With a Google Account, adding one key makes both work. Simple.
Thank you!
Steps to reproduce
- Gitlab login.
- Configure the first FIDO key.
- Gitlab logout.
- Gitlab login with my second FIDO key (but with the same private key inside).
- Login fails!
What is the current bug behavior?
Trezor has the most advanced U2F key system. The key itself is capable of delivering the private key independently for backup.
And this allows you to have a single private key on multiple U2F keys. Or buy a new key and re-build the private key on it, in case of loss.
So it's important that Gitlab works well with this!!
What is the expected correct behavior?
Gitlab must recognize each private key as a unique key, regardless of hardware.
Gitlab must allow login with both of my keys after adding only one.