Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Thread Tools Display Modes
  #1   (View Single Post)  
Old 24th May 2020
CiotBSD CiotBSD is offline
Join Date: Jun 2019
Location: Under /
Posts: 112
Default [OpenBSD 6.7] Using USB key U2F/Fido?!


With OpenBSD 6.7, the lib fido(4) shipped or the manpage login_yubikey(8).

Useful for one Yubikey. (with the tool yubikey-personalization-gui).

OK, but if the USB key is not a Yubikey, as an HYPERSECU HyperFIDO Mini (U2F Security key), or another U2F key?
to login at my X session?

I note on dmesg, it is properly detected:
uhidev5 at uhub1 port 1 configuration 1 interface 0 "HS HyperFIDO Token" rev 1.10/54.00 addr 3
uhidev5: iclass 3/0
fido0 at uhidev5: input=64, output=64, feature=0

but how I do to set my OS to use-it with browser web?! <= OK, I test with GitHub and GitLab. Without any modification of any file, it is well detected - with Firefox - and the 2FA succeeds!


I see on this article this other interesting information about OpenSSH 8.2 : It seems need to generate a new SSH key with algo ecdsa-sk or ed25519-sk before using U2F Key… for login to SSH. quid?!
GPG:Fingerprint ed25519 : 072A 4DA2 8AFD 868D 74CF 9EA2 B85E 9ADA C377 5E8E
GPG:Fingerprint rsa4096 : 4E0D 4AF7 77F5 0FAE A35D 5B62 D0FF 7361 59BF 1733

Last edited by CiotBSD; 25th May 2020 at 12:22 AM.
Reply With Quote

fido, openbsd, security, u2f

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
"Forget passwords!": Google joins FIDO J65nko News 1 30th April 2013 05:19 AM

All times are GMT. The time now is 01:53 AM.

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick