I seem to be unable to get my NK FIDO2 to work.
I’ve installed https://raw.githubusercontent.com/Nitrokey/libnitrokey/master/data/41-nitrokey.rules under /etc/udev/rules.d/. lsusb shows the key as Bus 003 Device 011: ID 20a0:42b1 Clay Logic
Upon insertion dmesg shows the following output:
[ 4303.490607] usb 3-1: New USB device found, idVendor=20a0, idProduct=42b1, bcdDevice= 1.00
[ 4303.490613] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 4303.490616] usb 3-1: Product: Nitrokey FIDO2 1.1.0
[ 4303.490619] usb 3-1: Manufacturer: Nitrokey
[ 4303.490621] usb 3-1: SerialNumber: 20753375344B
[ 4303.492665] hid-generic 0003:20A0:42B1.000D: hiddev96,hidraw0: USB HID v1.11 Device [Nitrokey Nitrokey FIDO2 1.1.0] on usb-0000:00:14.0-1/input0
and the key blinks once.
When attempting to register or log in at u2f.bin.coffee or webauthn.io firefox shows the “you can authorize now” message, but the key remains dark and I am unable to proceed.
A solokey I also own works fine on both test sites.
Any ideas how I can troubleshoot this issue further?
Hi sz,
3) did it for me. I removed the “new” udev rules and installed the 41-nitrokey_old.rules and now the key works. Maybe it was related to permissions?
Edit: It seems to be related to permissions. Using the only the new udev rule it returns to the previous behaviour. After manually running chown root:plugdev /dev/hidraw0 and chmod 660 /dev/hidraw0 the key works.
Edit2: So as far as my own investigation goes the issue is this: uaccess apparently is a tag used by systemd to manage permissions. I’m not using systemd, hence the permissions for the /dev/hid* device were not set.