FIDO authentication
Christian Weisgerber
naddy at mips.inka.de
Wed Jun 3 15:20:10 UTC 2020
On 2020-05-27, Robert Huff <roberthuff at rcn.com> wrote:
> Various sites are reporting the FIDO Alliance
> ("https://www.fidoalliance.org") has announced a major common
> authentication initiative support by (/inter alia/) Google, Microsoft,
> and Apple.
> I'm assuming this requires some level of OS support; is anyone in
> the FreeBSD community aware of/interested in this?
I depends on where you want to make use of this type of authentication.
At the application level, you only need access to uhid(4) devices.
You can install the security/u2f-devd port and add the user to group
u2f. That is enough to use basic U2F (FIDO1) support in Firefox.
uhid1 on uhub0
uhid1: <Yubico Security Key by Yubico, class 0/0, rev 2.00/5.12, addr 19> on usbus0
Works fine for me at
https://demo.yubico.com/
OpenSSH 8.2 has added support for U2F/FIDO hardware authenticators:
https://www.openssh.com/txt/release-8.2
I haven't checked to what degree the security/openssh-portable port
supports this.
--
Christian "naddy" Weisgerber naddy at mips.inka.de
More information about the freebsd-questions
mailing list