Date: Wed, 3 Jun 2020 15:19:01 -0000 (UTC) From: Christian Weisgerber <naddy@mips.inka.de> To: freebsd-questions@freebsd.org Subject: Re: FIDO authentication Message-ID: <slrnrdffr5.1hrp.naddy@lorvorc.mips.inka.de> References: <24270.62418.992039.257025@jerusalem.litteratus.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2020-05-27, Robert Huff <roberthuff@rcn.com> wrote: > Various sites are reporting the FIDO Alliance > ("https://www.fidoalliance.org") has announced a major common > authentication initiative support by (/inter alia/) Google, Microsoft, > and Apple. > I'm assuming this requires some level of OS support; is anyone in > the FreeBSD community aware of/interested in this? I depends on where you want to make use of this type of authentication. At the application level, you only need access to uhid(4) devices. You can install the security/u2f-devd port and add the user to group u2f. That is enough to use basic U2F (FIDO1) support in Firefox. uhid1 on uhub0 uhid1: <Yubico Security Key by Yubico, class 0/0, rev 2.00/5.12, addr 19> on usbus0 Works fine for me at https://demo.yubico.com/ OpenSSH 8.2 has added support for U2F/FIDO hardware authenticators: https://www.openssh.com/txt/release-8.2 I haven't checked to what degree the security/openssh-portable port supports this. -- Christian "naddy" Weisgerber naddy@mips.inka.de
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?slrnrdffr5.1hrp.naddy>