[Bug 1387908] Re: [udev] FIDO u2f security keys should be supported out of the box
brian at ubuntu.com
Thu May 5 17:31:29 UTC 2016
Hello Dimitri, or anyone else affected,
Accepted systemd into xenial-proposed. The package will build now and be
available at https://launchpad.net/ubuntu/+source/systemd/229-4ubuntu5
in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed. Your feedback will aid us getting this update
out to other Ubuntu users.
If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-needed to verification-done. If it does not fix the
bug for you, please add a comment stating that, and change the tag to
verification-failed. In either case, details of your testing will help
us make a better decision.
Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in
** Changed in: systemd (Ubuntu Xenial)
Status: In Progress => Fix Committed
** Tags added: verification-needed
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
[udev] FIDO u2f security keys should be supported out of the box
Status in systemd package in Ubuntu:
Status in systemd source package in Trusty:
Status in systemd source package in Xenial:
* Users plugin U2F key and it does not work in Google Chrome
* Have stock ubuntu install, without custom U2F rules or libu2f-host0
* Use U2F factor authentication website e.g. google apps, github,
* Pluging in the key, should just work and complete U2F
authentication instead of timing out
* Should not conflict with libu2f-host0 udev rules which is where
these are currently shipped
FIDO u2f is an emerging standard for public-private cryptography based
2nd factor authentication, which improves on OTP by mitigating
phishing, man-in-the-middle attacks and reply attacks.
Google Chrome supports u2f devices which are now widely available from
Yubico (new premium neo Yubikeys and Security keys).
However, udev rules are required to setup permissions to allow the
web-browsers which are running as regular users to access the devices
KERNEL=="hidraw*", SUBSYSTEM=="hidraw", MODE="0664", GROUP="plugdev",
Something like that should be enabled by default, however probably not
encode on the vendor/productid as other vendors will also make u2f
To manage notifications about this bug go to:
More information about the foundations-bugs