Yubico Security Keys

Robert Ames robertames at hotmail.com
Sat Sep 8 02:28:56 UTC 2018

On Thu, Sep 06, 2018 at 01:48:10PM +0200, Niclas Zeising wrote:
> > Yes, that works (using /etc/devfs.rules).  Thanks.  I also got it to work
> > using /etc/devd.conf
> >
> > # Yubico Security Key
> > attach 100 {
> >          match "vendor" "0x1050";
> >          match "product" "0x0120";
> >          device-name "uhid[0-9]+";
> >          action "/usr/sbin/chown robert /dev/$device-name";
> > };
> >
> > running "usbconfig dump_device_desc" to get the vendor and product ids.
> > I didn't have to touch /dev/ugen1.4 or /dev/usb/1.4.0.  Not sure which is
> > the more correct way to do this.  But they both work.
> >
> > So things now work great on the Yubico demo site.  Sadly I cannot get it
> > to work in Google.  Google doesn't respond when I press the gold disc
> > during the registration process.
> There is a port, security/u2f-devd [0] that sets up devd rules for use
> with yubico and other devices.  That works great for me.  Install it and
> follow the instructions.
> [0] https://www.freshports.org/security/u2f-devd/

Just to close this out, the Yubikey DOES work with Google using
Firefox.  The only catch is you can't register a key with Google
using Firefox.  You have to use Chromium.  Once you register your
key using Chromium you can use Firefox to login.  See explanation


For the record, what works for me is 11.2-RELEASE, Firefox 60.0.1     
from ports/packages along with u2f-devd from ports/packages to  
handle the setup of devd.  And Chromium from ports/packages for the
registration step.  Thanks to all who sent me pointers.

More information about the freebsd-stable mailing list