alexintokyo Is there a way to enable the use of Yubikeys in GhostBSD? At the moment, I get prompted to touch the Yubikey button by Bitwarden for instance, but when I touch the button, nothing happens...
ericbsd Oh, I had notes about that in the old forums, but I put it down since it was causing issues with the server.
ericbsd I dug into MySQL and found what I wrote. Post 1 So, I have installed those packages: sudo pkg install yubico-piv-tool libu2f-host u2f-devd py311-yubikey-manager You might only need libu2f-host and u2f-devd. After that, I have added my user to the u2f group: sudo pw group mod u2f -m ericbsd I have tested it here: webauthn.io. I set it on my Proton account, and it is working, although sometimes the first attempt fails. Post 2 *For Firefox with PIV Authentication: Enable and start the pcscd service sudo service pcscd enable sudo service pcscd start Configure Firefox to use ykcs11 Open Firefox. Enter about:preferences in the address bar. In the left-hand column, click Privacy & Security. Under the Security section, click Security Devices. Click Load and provide the following information: Module Name: YubiKey PIV Module filename: /usr/local/lib/libykcs11.so* Post 3 *Ensure that FIDO U2F is enabled in Firefox. By default, it is missing. Open Firefox. Enter about:config in the address bar. Accept the risk warning to proceed. Search for security.webauth.u2f. If it is missing, create it as a boolean and set the value to true.* Post from another user. I use a Yubikey 5 for more than a year now, and it works very well. I have a pin, and the key is fully functional. For a working key, you only need to install the following: pkg install libu2f-host u2f-devd pcsc-lite Then enable pcscd at boot: service pcscd enable Add your user to the u2f group: pw group mod u2f -m user Replace user with your actual username, and simply reboot. For using 2FA in Firefox, you don’t need to adjust anything. In the current Firefox version, it works out of the box. I use it in FreeBSD, NomadBSD (Yes, FreeBSD), and GhostBSD. It works.
alexintokyo ericbsd Many thanks! I will have a go. This will increase the usability of GhostBSD for me greatly!
