Yubico FIDO U2F security key

opensuse 42.2
linux 4.4.36-8-default x86_64

Does the FIDO U2F security key work with Firefox?

The Yubico site had a special udev rule to add to the system. Now the key is accessible with Chrome, but not Firefox. Is there something further to do? Or just SOL for now?

This is something only Yubico can answer for sure…

I suspect that a udev rule only enables hardware detection… which may or may not be necessary.
I’m pretty sure you need the Firefox plug-in to provide UDF integration and support,
https://addons.mozilla.org/en-Gb/firefox/addon/u2f-support-add-on/

TSU

I’m fairly certain the udev rule was necessary. Chrome did not see the key until the rule was in place.

Thank you, that was the missing piece.

Sometimes it is hard to decide where the best place is to find assistance. In this case Yubico seemed a good start, but then this is linux which tends to be ignored, and the Firefox groups are often MS- and Apple-centric.

Regarding the udev rule, in one way it’s not surprising because devices need to be recognized correctly to function, but I wonder how unique a security dongle really is… I’d think that there should be a general “device class” which Yubico would considered a part of… on the other hand, if there is something Yubico is that is extremely uniquely special I’m not aware of then it can be a piece of hardware that “stands alone.”

And then if Yubico really is something so unique maybe the hardware definition should be submitted for inclusion into the mainline kernel.

TSU

On Wed, 04 Jan 2017 06:16:02 +0000, jimoe666 wrote:

> opensuse 42.2 linux 4.4.36-8-default x86_64
>
> Does the FIDO U2F security key work with Firefox?
>
> The Yubico site had a special udev rule to add to the system. Now the
> key is accessible with Chrome, but not Firefox. Is there something
> further to do? Or just SOL for now?

Which specific key are you using? I’ve got a couple of different ones -
I use them with Chrome, but haven’t tried with FF on 42.1 here.

Jim

Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

On Wed, 04 Jan 2017 18:56:01 +0000, tsu2 wrote:

> jimoe666;2806973 Wrote:
>> I’m fairly certain the udev rule was necessary. Chrome did not see the
>> key until the rule was in place.
>>
>>
>> Thank you, that was the missing piece.
>>
>> Sometimes it is hard to decide where the best place is to find
>> assistance. In this case Yubico seemed a good start, but then this is
>> linux which tends to be ignored, and the Firefox groups are often MS-
>> and Apple-centric.
>
> Regarding the udev rule, in one way it’s not surprising because devices
> need to be recognized correctly to function, but I wonder how unique a
> security dongle really is… I’d think that there should be a general
> “device class” which Yubico would considered a part of… on the other
> hand, if there is something Yubico is that is extremely uniquely special
> I’m not aware of then it can be a piece of hardware that “stands alone.”
>
> And then if Yubico really is something so unique maybe the hardware
> definition should be submitted for inclusion into the mainline kernel.

As I recall, I didn’t need to set up a udev rule initially when I set up
my Yubikeys - they were just plug-and-play IIRC.

Jim


Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

Yubico FIDO U2F security key.

On Thu, 05 Jan 2017 01:06:01 +0000, jimoe666 wrote:

> hendersj;2806983 Wrote:
>> Which specific key are you using?
> Yubico FIDO U2F security key.

Ah, OK - that must be a new one. I’m using the Yubico NEO key, which has
U2F capabilities. I’ve also got a couple of the older Yubikey 4 devices
that I play around with.

Jim

Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C