clearlinux/clear-linux-documentation
2
0
Fork 0
mirror of https://github.com/clearlinux/clear-linux-documentation.git synced 2026-05-02 04:53:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
developmentHTML
clear-linux-documentation/tutorials/yubikey-u2f.html
alexjch b16b933983 latest html output
2024-11-04 18:48:51 +00:00

230 lines
12 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE html>
<html lang="en" data-content_root="../">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" /><meta name="viewport" content="width=device-width, initial-scale=1" />
<title>YubiKey* Support &#8212; Documentation for Clear Linux* project</title>
<link rel="stylesheet" type="text/css" href="../_static/pygments.css?v=fa44fd50" />
<link rel="stylesheet" type="text/css" href="../_static/bizstyle.css?v=5283bb3d" />
<link rel="stylesheet" type="text/css" href="../_static/copybutton.css?v=76b2166b" />
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=9bcbadda"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/clipboard.min.js?v=a7894cd8"></script>
<script src="../_static/copybutton.js?v=a56c686a"></script>
<script src="../_static/bizstyle.js"></script>
<link rel="canonical" href="https://clearlinux.github.io/clear-linux-documentation/tutorials/yubikey-u2f.html" />
<link rel="icon" href="../_static/favicon.ico"/>
<link rel="author" title="About these documents" href="../about.html" />
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
<link rel="next" title="OpenZFS*" href="zfs.html" />
<link rel="prev" title="WordPress* Server" href="wordpress.html" />
<meta name="viewport" content="width=device-width,initial-scale=1.0" />
<!--[if lt IE 9]>
<script src="_static/css3-mediaqueries.js"></script>
<![endif]-->
</head><body>
<div class="related" role="navigation" aria-label="Related">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="../genindex.html" title="General Index"
accesskey="I">index</a></li>
<li class="right" >
<a href="zfs.html" title="OpenZFS*"
accesskey="N">next</a> |</li>
<li class="right" >
<a href="wordpress.html" title="WordPress* Server"
accesskey="P">previous</a> |</li>
<li class="nav-item nav-item-0"><a href="../index.html">Documentation for Clear Linux* project</a> &#187;</li>
<li class="nav-item nav-item-1"><a href="index.html" accesskey="U">Tutorials</a> &#187;</li>
<li class="nav-item nav-item-this"><a href="">YubiKey* Support</a></li>
</ul>
</div>
<div class="document">
<div class="documentwrapper">
<div class="bodywrapper">
<div class="body" role="main">
<section id="yubikey-support">
<span id="yubikey-u2f"></span><h1>YubiKey* Support<a class="headerlink" href="#yubikey-support" title="Link to this heading"></a></h1>
<p>This tutorial explains how to configure a YubiKey* for U2F authentication
through a web browser on a Clear Linux* OS system.</p>
<nav class="contents local" id="contents">
<ul class="simple">
<li><p><a class="reference internal" href="#description" id="id1">Description</a></p></li>
<li><p><a class="reference internal" href="#prerequisites" id="id2">Prerequisites</a></p></li>
<li><p><a class="reference internal" href="#enable-linux-udev-rules-for-yubikey" id="id3">Enable Linux udev rules for YubiKey</a></p></li>
<li><p><a class="reference internal" href="#enable-u2f-in-mozilla-firefox" id="id4">Enable U2F in Mozilla Firefox</a></p></li>
<li><p><a class="reference internal" href="#related-topics" id="id5">Related topics</a></p></li>
</ul>
</nav>
<section id="description">
<h2><a class="toc-backref" href="#id1" role="doc-backlink">Description</a><a class="headerlink" href="#description" title="Link to this heading"></a></h2>
<p>YubiKey is a USB security token manufactured by <a class="reference external" href="https://www.yubico.com/">Yubico</a>. Depending on the
model, a YubiKey can support different authentication protocols including
One-Time Password (OTP), Smart card, FIDO2, and Universal 2nd Factor (U2F).</p>
<p>A list of <a class="reference internal" href="#websites-that-accept-u2f-authentication-with-the-yubikey">websites that accept U2F authentication with the YubiKey</a>
is available on the Yubico website. See the Yubico website to learn more about
the Yubikey: <a class="reference external" href="https://www.yubico.com/getstarted/">https://www.yubico.com/getstarted/</a></p>
</section>
<section id="prerequisites">
<h2><a class="toc-backref" href="#id2" role="doc-backlink">Prerequisites</a><a class="headerlink" href="#prerequisites" title="Link to this heading"></a></h2>
<p>This tutorial assumes you have:</p>
<ol class="arabic simple">
<li><p>Clear Linux OS installed and running.</p></li>
<li><p>Mozilla Firefox installed on Clear Linux OS.</p></li>
<li><p>A YubiKey.</p></li>
</ol>
</section>
<section id="enable-linux-udev-rules-for-yubikey">
<h2><a class="toc-backref" href="#id3" role="doc-backlink">Enable Linux udev rules for YubiKey</a><a class="headerlink" href="#enable-linux-udev-rules-for-yubikey" title="Link to this heading"></a></h2>
<p><strong class="command">udev</strong> is the Linux device manager that handles events when USB
devices are added and removed. Custom rules needs to be created to properly
identify the YubiKey and provide applications access.</p>
<p>These instructions are derived from: <a class="reference external" href="https://support.yubico.com/support/solutions/articles/15000006449">Yubico support article Using Your U2F
YubiKey with Linux</a></p>
<ol class="arabic">
<li><p>Create the udev rules folder under <code class="file docutils literal notranslate"><span class="pre">/etc</span></code>.</p>
<div class="highlight-bash notranslate"><div class="highlight"><pre><span></span>sudo<span class="w"> </span>mkdir<span class="w"> </span>-p<span class="w"> </span>/etc/udev/rules.d/
</pre></div>
</div>
</li>
<li><p>Download the u2f rules from the Yubico GitHub:</p>
<div class="highlight-bash notranslate"><div class="highlight"><pre><span></span>curl<span class="w"> </span>-O<span class="w"> </span>https://raw.githubusercontent.com/Yubico/libu2f-host/master/70-u2f.rules
</pre></div>
</div>
</li>
<li><p>Move the downloaded <code class="file docutils literal notranslate"><span class="pre">70-u2f.rules</span></code> file into the <code class="file docutils literal notranslate"><span class="pre">/etc/udev</span></code>
folder.</p>
<div class="highlight-bash notranslate"><div class="highlight"><pre><span></span>sudo<span class="w"> </span>mv<span class="w"> </span><span class="m">70</span>-u2f.rules<span class="w"> </span>/etc/udev/rules.d/
</pre></div>
</div>
</li>
<li><p>The udev rules should automatically be reloaded. However, they can be
manually reloaded or you can reboot the system.</p>
<div class="highlight-bash notranslate"><div class="highlight"><pre><span></span>sudo<span class="w"> </span>udevadm<span class="w"> </span>control<span class="w"> </span>--reload-rules<span class="w"> </span><span class="o">&amp;&amp;</span><span class="w"> </span>sudo<span class="w"> </span>udevadm<span class="w"> </span>trigger
</pre></div>
</div>
</li>
<li><p>Plugin and validate the YubiKey appears as a USB device.</p>
<div class="highlight-bash notranslate"><div class="highlight"><pre><span></span>lsusb
</pre></div>
</div>
</li>
</ol>
</section>
<section id="enable-u2f-in-mozilla-firefox">
<h2><a class="toc-backref" href="#id4" role="doc-backlink">Enable U2F in Mozilla Firefox</a><a class="headerlink" href="#enable-u2f-in-mozilla-firefox" title="Link to this heading"></a></h2>
<p>Firefox comes with U2F web authentication support disabled by default. U2F
needs to be enabled in the advanced settings.</p>
<p>These instructions are derived from: <a class="reference external" href="https://support.yubico.com/support/solutions/articles/15000017511-enabling-u2f-support-in-mozilla-firefox">Yubico support article Enabling U2F
support in Mozilla Firefox</a></p>
<ol class="arabic">
<li><p>Launch Mozilla Firefox</p></li>
<li><p>In the URL bar, type <strong class="command">about:config</strong> to access the advanced
settings.</p>
<div class="highlight-bash notranslate"><div class="highlight"><pre><span></span>about:config
</pre></div>
</div>
</li>
<li><p>Click the <em>I accept the risk!</em> button to continue to the advanced settings</p></li>
<li><p>Search for the <strong class="command">security.webauth.u2f</strong> and double-click it
so <em>Value</em> becomes <strong>true</strong>.</p></li>
</ol>
<p>Your YubiKey is now usable on Clear Linux OS with Mozilla Firefox with websites that
support U2F authentication.</p>
</section>
<section id="related-topics">
<h2><a class="toc-backref" href="#id5" role="doc-backlink">Related topics</a><a class="headerlink" href="#related-topics" title="Link to this heading"></a></h2>
<ul class="simple">
<li><p>Clear Linux OS <a class="reference internal" href="../guides/clear/security.html#security"><span class="std std-ref">OS Security</span></a></p></li>
</ul>
<span class="target" id="websites-that-accept-u2f-authentication-with-the-yubikey"></span></section>
</section>
<div class="clearer"></div>
</div>
</div>
</div>
<div class="sphinxsidebar" role="navigation" aria-label="Main">
<div class="sphinxsidebarwrapper">
<p class="logo"><a href="../index.html">
<img class="logo" src="../_static/clearlinux.png" alt="Logo of Clear Linux* Project Docs"/>
</a></p>
<div>
<h3><a href="../index.html">Table of Contents</a></h3>
<ul>
<li><a class="reference internal" href="#">YubiKey* Support</a><ul>
<li><a class="reference internal" href="#description">Description</a></li>
<li><a class="reference internal" href="#prerequisites">Prerequisites</a></li>
<li><a class="reference internal" href="#enable-linux-udev-rules-for-yubikey">Enable Linux udev rules for YubiKey</a></li>
<li><a class="reference internal" href="#enable-u2f-in-mozilla-firefox">Enable U2F in Mozilla Firefox</a></li>
<li><a class="reference internal" href="#related-topics">Related topics</a></li>
</ul>
</li>
</ul>
</div>
<div>
<h4>Previous topic</h4>
<p class="topless"><a href="wordpress.html"
title="previous chapter">WordPress* Server</a></p>
</div>
<div>
<h4>Next topic</h4>
<p class="topless"><a href="zfs.html"
title="next chapter">OpenZFS*</a></p>
</div>
<div role="note" aria-label="source link">
<h3>This Page</h3>
<ul class="this-page-menu">
<li><a href="../_sources/tutorials/yubikey-u2f.rst.txt"
rel="nofollow">Show Source</a></li>
</ul>
</div>
<search id="searchbox" style="display: none" role="search">
<h3 id="searchlabel">Quick search</h3>
<div class="searchformwrapper">
<form class="search" action="../search.html" method="get">
<input type="text" name="q" aria-labelledby="searchlabel" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false"/>
<input type="submit" value="Go" />
</form>
</div>
</search>
<script>document.getElementById('searchbox').style.display = "block"</script>
</div>
</div>
<div class="clearer"></div>
</div>
<div class="related" role="navigation" aria-label="Related">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="../genindex.html" title="General Index"
>index</a></li>
<li class="right" >
<a href="zfs.html" title="OpenZFS*"
>next</a> |</li>
<li class="right" >
<a href="wordpress.html" title="WordPress* Server"
>previous</a> |</li>
<li class="nav-item nav-item-0"><a href="../index.html">Documentation for Clear Linux* project</a> &#187;</li>
<li class="nav-item nav-item-1"><a href="index.html" >Tutorials</a> &#187;</li>
<li class="nav-item nav-item-this"><a href="">YubiKey* Support</a></li>
</ul>
</div>
<div class="footer" role="contentinfo">
&#169; Copyright 2022 Intel Corporation. All Rights Reserved..
Last updated on Nov 04, 2024.
Created using <a href="https://www.sphinx-doc.org/">Sphinx</a> 8.1.3.
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink