Tried to use Nitrokey 3C NFC for 2FA at codeberg.org with no success so far (runs forgejo/Gittea and asks for device supporting the WebAuthn Authenticator standard).
When I try to register the Nitrokey 3C NFC in the security settings, the key starts blinking and I’m ask to press it, then I get a “Could not read your security key. unknown error”.
My Nitrokey FIDO2 works flawlessly in the same application.
I’m on Firmware version: v1.5.0
.
Any suggestion where this might come from?
1 Like
Hi,
I seem to have the same error, but only on Firefox. Can you try with another browser to see if it works ?
We are investigating the error.
1 Like
Installed chromium and …
… the registration worked without any issues. Thanks so much!
The best part is that now the key is registered with codeberg.org it also works with firefox. So, this solves the issues for now … long term it would of course be nice to not having to resort to another browser.
Hey @christian
could you please check, if the error also occurs after switching off ctap2
?
You can do this like that:
- visit
about:config
- find and set
security.webauthn.ctap2 == false
afterwards, please try to register with the not working services.
CTAP2 arrived quite late in FF, so there are still some bugs floating around…
best
1 Like
Hi @daringer ,
went to about:config
and switched security.webauthn.ctap2
to false
(had been true
previously). Then, logged into codeberg.org, went to the security settings, deleted the security key (nitrokey3), and re-register it afterwards. Went well (all with firefox); that is, I can register the security key with firefox once ctap2 is disabled.
Next, I logged out (keeping the about:config
change intact), closed firefox, started it again, and redid the experiment (just to make sure). Same result: once ctap2
is disabled, registration works. Also, tried a few other ways (again, just to make sure I hadn’t missed something before): deleted security key, logged out and re-registered after a fresh login and more. Same result.
After enabling ctap2
again, I could still use the registered Nitrokey3. But when I delete it, the registration fails (same error as described above).
And, by the way, I’m using FF 115.0.2 (64-Bit).
1 Like
I had problem to enable my Nitrokey 3 on this nitrokey forum and the kuketz forum with firefox 116 (64bit) on Manjaro Linux. I figured out that it works with Chromium but not with Firefox.
Then I found the suggestion from @daringer :
You can do this like that:
visit about:config
find and set security.webauthn.ctap2 == false
Now it works!