From cc3d3c63eca7a55acf9d8b50d96c2f31432c5a90 Mon Sep 17 00:00:00 2001 From: Fabian Henneke Date: Fri, 8 May 2020 19:25:11 +0200 Subject: [PATCH 1/2] Mention that systemd 244+ detects FIDO devices --- docs/solo/udev.md | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/docs/solo/udev.md b/docs/solo/udev.md index dcada7a..90fec6d 100644 --- a/docs/solo/udev.md +++ b/docs/solo/udev.md @@ -4,17 +4,13 @@ On Linux, by default USB dongles can't be accessed by users, for security reason For some users, things will work automatically: + - Recent Linux distributions with systemd 244 or higher automatically detect FIDO devices (check with `systemd --version`) - Fedora seems to use a ["universal" udev rule for FIDO devices](https://github.com/amluto/u2f-hidraw-policy) - Our udev rule made it into [libu2f-host](https://github.com/Yubico/libu2f-host/) v1.1.10 - Arch Linux [has this package](https://www.archlinux.org/packages/community/x86_64/libu2f-host/) - [Debian sid](https://packages.debian.org/sid/libu2f-udev) and [Ubuntu Eon](https://packages.ubuntu.com/eoan/libu2f-udev) can use the `libu2f-udev` package - - Debian Buster and Ubuntu Disco still distribute v1.1.10, so need the manual rule - FreeBSD has support in [u2f-devd](https://github.com/solokeys/solo/issues/144#issuecomment-500216020) -There is hope that `udev` itself will adopt the Fedora approach (which is to check for HID usage page `F1D0`, and avoids manually whitelisting each U2F/FIDO2 key): . - -Further progress is tracked in: . - If you still need to setup a rule, a simple way to do it is: ``` From 1bf071f8b4b9f5453f5caa05a3730c3b89409391 Mon Sep 17 00:00:00 2001 From: Fabian Henneke Date: Fri, 8 May 2020 19:28:16 +0200 Subject: [PATCH 2/2] Update udev.md --- docs/solo/udev.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/solo/udev.md b/docs/solo/udev.md index 90fec6d..ffc7b75 100644 --- a/docs/solo/udev.md +++ b/docs/solo/udev.md @@ -4,7 +4,7 @@ On Linux, by default USB dongles can't be accessed by users, for security reason For some users, things will work automatically: - - Recent Linux distributions with systemd 244 or higher automatically detect FIDO devices (check with `systemd --version`) + - Recent Linux distributions (such as Ubuntu Focal, Fedora 32) with systemd 244 or higher automatically detect FIDO devices (check with `systemd --version`) - Fedora seems to use a ["universal" udev rule for FIDO devices](https://github.com/amluto/u2f-hidraw-policy) - Our udev rule made it into [libu2f-host](https://github.com/Yubico/libu2f-host/) v1.1.10 - Arch Linux [has this package](https://www.archlinux.org/packages/community/x86_64/libu2f-host/)