Rather than update Linux udev rules for every new device that supports fido u2f, I followed the recommendation in this thread
https://www.mail-archive.com/systemd-de ... 24330.html and wrote a short program that reads hid device usage pages looking for 0xF1D0. The code is here
https://gist.github.com/ghoff/f0675b40b7f0d686a980With the u2f-detect program compiled and placed in /lib/udev, the only rule that needs to be in /lib/udev/rules.d/70-u2f.rules is
Code:
KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ENV{ID_SECURITY_TOKEN}!="?*", IMPORT{program}="u2f-detect $devnode"
The rules in the existing 70-uaccess.rules will grant the local user access to the /dev/hidraw? u2f device. This has been tested on Ubuntu 14.04 with a Yubico security key. It should work equally well with a NEO, NEO-n, the security key from plug-up and any future device.
Login
FAQ
Search
