Yubico Security Keys
Robert Ames
robertames at hotmail.com
Sat Sep 8 02:28:56 UTC 2018
On Thu, Sep 06, 2018 at 01:48:10PM +0200, Niclas Zeising wrote:
> > Yes, that works (using /etc/devfs.rules). Thanks. I also got it to work
> > using /etc/devd.conf
> >
> > # Yubico Security Key
> > attach 100 {
> > match "vendor" "0x1050";
> > match "product" "0x0120";
> > device-name "uhid[0-9]+";
> > action "/usr/sbin/chown robert /dev/$device-name";
> > };
> >
> > running "usbconfig dump_device_desc" to get the vendor and product ids.
> > I didn't have to touch /dev/ugen1.4 or /dev/usb/1.4.0. Not sure which is
> > the more correct way to do this. But they both work.
> >
> > So things now work great on the Yubico demo site. Sadly I cannot get it
> > to work in Google. Google doesn't respond when I press the gold disc
> > during the registration process.
>
>
> There is a port, security/u2f-devd [0] that sets up devd rules for use
> with yubico and other devices. That works great for me. Install it and
> follow the instructions.
>
> [0] https://www.freshports.org/security/u2f-devd/
Just to close this out, the Yubikey DOES work with Google using
Firefox. The only catch is you can't register a key with Google
using Firefox. You have to use Chromium. Once you register your
key using Chromium you can use Firefox to login. See explanation
here:
https://www.ctrl.blog/entry/firefox-u2f-google
For the record, what works for me is 11.2-RELEASE, Firefox 60.0.1
from ports/packages along with u2f-devd from ports/packages to
handle the setup of devd. And Chromium from ports/packages for the
registration step. Thanks to all who sent me pointers.
More information about the freebsd-stable
mailing list