cli.pignat.org

`somu` - FIDO2 security key

somu - FIDO2 security key

by RandomReaper

ubuntu 18.04 16.04 2fa

2FA using an open source (hardware and firmware) key.

Setup

Connect the security key, then create the file /etc/udev/rules.d/70-solokeys-access.rules:

# Notify ModemManager this device should be ignored
ACTION!="add|change|move", GOTO="mm_usb_device_blacklist_end"
SUBSYSTEM!="usb", GOTO="mm_usb_device_blacklist_end"
ENV{DEVTYPE}!="usb_device",  GOTO="mm_usb_device_blacklist_end"

ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a2ca", ENV{ID_MM_DEVICE_IGNORE}="1"

LABEL="mm_usb_device_blacklist_end"


# Solo bootloader + firmware access
SUBSYSTEM=="hidraw", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a2ca", TAG+="uaccess"
SUBSYSTEM=="tty", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a2ca", TAG+="uaccess"

# ST DFU access
SUBSYSTEM=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="df11", TAG+="uaccess"

# U2F Zero
SUBSYSTEM=="hidraw", ATTRS{idVendor}=="10c4", ATTRS{idProduct}=="8acf", TAG+="uaccess"

Then reload the rules:

sudo udevadm control --reload-rules && sudo udevadm trigger

Testing

webauthn.io can be used to test the security key.

  1. Enter username
  2. Click Register (you’ll be asked to confirm by touching your key), If your key LED is on and this step does not work, you may double check the setup step.
  3. Clikc Login
  4. Ta-dah!

~~~

Question, remark, bug? Don't hesitate to contact me or report a bug.