2014-10-31 00:25:01 |
Dimitri John Ledkov |
bug |
|
|
added bug |
2014-10-31 00:25:13 |
Dimitri John Ledkov |
nominated for series |
|
Ubuntu Vivid |
|
2014-10-31 00:25:13 |
Dimitri John Ledkov |
bug task added |
|
systemd (Ubuntu Vivid) |
|
2014-10-31 00:25:13 |
Dimitri John Ledkov |
nominated for series |
|
Ubuntu Utopic |
|
2014-10-31 00:25:13 |
Dimitri John Ledkov |
bug task added |
|
systemd (Ubuntu Utopic) |
|
2014-10-31 00:25:13 |
Dimitri John Ledkov |
nominated for series |
|
Ubuntu Trusty |
|
2014-10-31 00:25:13 |
Dimitri John Ledkov |
bug task added |
|
systemd (Ubuntu Trusty) |
|
2014-10-31 08:00:37 |
Martin Pitt |
systemd (Ubuntu Vivid): status |
New |
Incomplete |
|
2014-11-01 12:19:59 |
Launchpad Janitor |
systemd (Ubuntu Trusty): status |
New |
Confirmed |
|
2014-11-01 12:19:59 |
Launchpad Janitor |
systemd (Ubuntu Utopic): status |
New |
Confirmed |
|
2014-11-01 12:40:05 |
Martin Pitt |
summary |
FIDO u2f security keys should be supported out of the box |
[udev] FIDO u2f security keys should be supported out of the box |
|
2014-11-14 13:26:36 |
Martin Stolle |
bug |
|
|
added subscriber Martin Stolle |
2015-05-06 22:56:09 |
Brian Murray |
systemd (Ubuntu Vivid): status |
Incomplete |
Confirmed |
|
2015-08-11 18:42:53 |
Troy Ready |
bug |
|
|
added subscriber Troy Ready |
2016-02-05 01:58:11 |
Dimitri John Ledkov |
systemd (Ubuntu): status |
Incomplete |
Triaged |
|
2016-02-05 01:58:14 |
Dimitri John Ledkov |
systemd (Ubuntu): assignee |
|
Dimitri John Ledkov (xnox) |
|
2016-03-11 15:54:09 |
aanno |
bug |
|
|
added subscriber aanno |
2016-03-29 17:46:05 |
Nelson Elhage |
bug |
|
|
added subscriber Nelson Elhage |
2016-05-02 19:35:21 |
Martin Pitt |
bug task deleted |
systemd (Ubuntu Utopic) |
|
|
2016-05-02 19:35:27 |
Martin Pitt |
bug task deleted |
systemd (Ubuntu Vivid) |
|
|
2016-05-02 19:36:00 |
Martin Pitt |
nominated for series |
|
Ubuntu Xenial |
|
2016-05-02 19:36:00 |
Martin Pitt |
bug task added |
|
systemd (Ubuntu Xenial) |
|
2016-05-02 20:00:07 |
Martin Pitt |
systemd (Ubuntu): status |
Triaged |
Fix Committed |
|
2016-05-02 20:00:07 |
Martin Pitt |
systemd (Ubuntu): assignee |
Dimitri John Ledkov (xnox) |
Martin Pitt (pitti) |
|
2016-05-02 20:09:08 |
Martin Pitt |
systemd (Ubuntu Xenial): status |
New |
In Progress |
|
2016-05-02 20:09:45 |
Dimitri John Ledkov |
description |
FIDO u2f is an emerging standard for public-private cryptography based 2nd factor authentication, which improves on OTP by mitigating phishing, man-in-the-middle attacks and reply attacks.
Google Chrome supports u2f devices which are now widely available from Yubico (new premium neo Yubikeys and Security keys).
However, udev rules are required to setup permissions to allow the web-browsers which are running as regular users to access the devices in question.
E.g.:
KERNEL=="hidraw*", SUBSYSTEM=="hidraw", MODE="0664", GROUP="plugdev", ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0113|0114|0115|0116|0120"
Something like that should be enabled by default, however probably not encode on the vendor/productid as other vendors will also make u2f devices. |
[Impact]
* Users plugin U2F key and it does not work in Google Chrome
[Test Case]
* Have stock ubuntu install, without custom U2F rules or libu2f-host0 installed
* Use U2F factor authentication website e.g. google apps, github, yubico, etc.
* Pluging in the key, should just work and complete U2F authentication instead of timing out
[Regression Potential]
* Should not conflict with libu2f-host0 udev rules which is where these are currently shipped
FIDO u2f is an emerging standard for public-private cryptography based 2nd factor authentication, which improves on OTP by mitigating phishing, man-in-the-middle attacks and reply attacks.
Google Chrome supports u2f devices which are now widely available from Yubico (new premium neo Yubikeys and Security keys).
However, udev rules are required to setup permissions to allow the web-browsers which are running as regular users to access the devices in question.
E.g.:
KERNEL=="hidraw*", SUBSYSTEM=="hidraw", MODE="0664", GROUP="plugdev", ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0113|0114|0115|0116|0120"
Something like that should be enabled by default, however probably not encode on the vendor/productid as other vendors will also make u2f devices. |
|
2016-05-05 17:31:19 |
Brian Murray |
systemd (Ubuntu Xenial): status |
In Progress |
Fix Committed |
|
2016-05-05 17:31:21 |
Brian Murray |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2016-05-05 17:31:23 |
Brian Murray |
bug |
|
|
added subscriber SRU Verification |
2016-05-05 17:31:28 |
Brian Murray |
tags |
|
verification-needed |
|
2016-05-07 21:38:02 |
Alex Willmer |
tags |
verification-needed |
verification-done |
|
2016-05-12 01:23:41 |
Launchpad Janitor |
systemd (Ubuntu Xenial): status |
Fix Committed |
Fix Released |
|
2016-05-12 01:23:52 |
Chris J Arges |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
2016-05-12 15:43:17 |
Launchpad Janitor |
systemd (Ubuntu): status |
Fix Committed |
Fix Released |
|
2016-08-23 15:01:40 |
Graeme Hewson |
bug |
|
|
added subscriber Graeme Hewson |
2018-02-14 22:54:12 |
Chris Rainey |
bug |
|
|
added subscriber Chris Rainey |
2018-02-15 19:40:46 |
Francis Ginther |
tags |
verification-done |
id-5a096cad0b33afe7dc38a9c1 verification-done |
|