Yubico Security Keys

[Robert Ames]

On Thu, Sep 06, 2018 at 01:48:10PM +0200, Niclas Zeising wrote:
> > Yes, that works (using /etc/devfs.rules).  Thanks.  I also got it to work
> > using /etc/devd.conf
> >
> > # Yubico Security Key
> > attach 100 {
> >          match "vendor" "0x1050";
> >          match "product" "0x0120";
> >          device-name "uhid[0-9]+";
> >          action "/usr/sbin/chown robert /dev/$device-name";
> > };
> >
> > running "usbconfig dump_device_desc" to get the vendor and product ids.
> > I didn't have to touch /dev/ugen1.4 or /dev/usb/1.4.0.  Not sure which is
> > the more correct way to do this.  But they both work.
> >
> > So things now work great on the Yubico demo site.  Sadly I cannot get it
> > to work in Google.  Google doesn't respond when I press the gold disc
> > during the registration process.
>
>
> There is a port, security/u2f-devd [0] that sets up devd rules for use
> with yubico and other devices.  That works great for me.  Install it and
> follow the instructions.
>
> [0] https://www.freshports.org/security/u2f-devd/

Just to close this out, the Yubikey DOES work with Google using
Firefox.  The only catch is you can't register a key with Google
using Firefox.  You have to use Chromium.  Once you register your
key using Chromium you can use Firefox to login.  See explanation
here:

https://www.ctrl.blog/entry/firefox-u2f-google

For the record, what works for me is 11.2-RELEASE, Firefox 60.0.1     
from ports/packages along with u2f-devd from ports/packages to  
handle the setup of devd.  And Chromium from ports/packages for the
registration step.  Thanks to all who sent me pointers.