Date: Wed, 5 Sep 2018 18:34:42 +0000 From: Robert Ames <robertames@hotmail.com> To: "O'Connor, Daniel" <darius@dons.net.au> Cc: "freebsd-stable@freebsd.org" <freebsd-stable@freebsd.org> Subject: RE: Yubico Security Keys Message-ID: <SN6PR08MB5070E1CE5B15417592DD0895C9020@SN6PR08MB5070.namprd08.prod.outlook.com> In-Reply-To: <7DA3F074-12CF-43C4-A514-19651112EE42@dons.net.au> References: <SN6PR08MB50700E8EAFDEDA7646671E6EC9030@SN6PR08MB5070.namprd08.prod.outlook.com> <1AEEDB86-DF6B-433B-A413-452F105D9A53@dons.net.au> <SN6PR08MB5070379187FA4800E9B1537EC9020@SN6PR08MB5070.namprd08.prod.outlook.com>, <7DA3F074-12CF-43C4-A514-19651112EE42@dons.net.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Sep 05, 2018 at 01:00:20PM +0930, O'Connor, Daniel wrote: > > On 5 Sep 2018, at 12:43, Robert Ames <robertames@hotmail.com> wrote: > >>> On 5 Sep 2018, at 08:33, Robert Ames <robertames@hotmail.com> wrote: > >>> FreeBSD sees the device: > >>> > >>> Sep 4 17:25:13 freebsd kernel: ugen1.4: <Yubico Security Key by Yubi= co> at usbus1 > >>> Sep 4 17:25:13 freebsd kernel: uhid0 on uhub4 > >>> Sep 4 17:25:13 freebsd kernel: uhid0: <Yubico Security Key by Yubico= , class 0/0, rev 2.00/5.02, addr 4> on usbus1 > >>> > >>> So should this just work out of the box or is there something I'm > >>> missing? =20 > >> > >> Hi Robert, > >> I don't have any Yubikeys but have you tried checking the permissions = of /dev/uhid0* and /dev/ugen1.4 (which will be a symlink to usb/1.4.0) ? > >> You can chmod them for now and then if that works have a devd conf or = devfs rule which sets the permissions appropriately when the device is conn= ected. > >> > >> If permissions are the problem it would be nice to see if the error me= ssage can be improved too :) > >> > >> -- > >> Daniel O'Connor > > > > I had done a manual chmod 777 /dev/usb/1.4.0 but had overlooked /dev/uh= id0. > > Once I did a chmod 777 on that it worked. Thank you. Any suggestions = on the > > best way to add a devd conf or devfs rule for this thing? > > Add this to /etc/devfs.conf.. > [root=3D100] > add path 'uhid*' group users mode 660 > > (Assuming your user is in the 'users' group - adjust to taste, devfs(8) h= as the details) > > And this to /etc/rc.conf.. > devfs_system_ruleset=3D"root" > > Then do.. > sudo service devfs restart > > And unplug/replug the key. > > -- > Daniel O'Connor =20 Yes, that works (using /etc/devfs.rules). Thanks. I also got it to work using /etc/devd.conf =20 # Yubico Security Key attach 100 { match "vendor" "0x1050"; match "product" "0x0120"; device-name "uhid[0-9]+"; action "/usr/sbin/chown robert /dev/$device-name"; }; =20 running "usbconfig dump_device_desc" to get the vendor and product ids. I didn't have to touch /dev/ugen1.4 or /dev/usb/1.4.0. Not sure which is the more correct way to do this. But they both work. So things now work great on the Yubico demo site. Sadly I cannot get it to work in Google. Google doesn't respond when I press the gold disc during the registration process.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?SN6PR08MB5070E1CE5B15417592DD0895C9020>