Security 7 posts

Inhji posted

Trezor Udev Rules for Ubuntu

These are the udev rules needed to use Trezor devices on Linux/Ubuntu machines:

# Trezor
SUBSYSTEM=="usb", ATTR{idVendor}=="534c", ATTR{idProduct}=="0001", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n"
KERNEL=="hidraw*", ATTRS{idVendor}=="534c", ATTRS{idProduct}=="0001",  MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl"

# Trezor v2
SUBSYSTEM=="usb", ATTR{idVendor}=="1209", ATTR{idProduct}=="53c0", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n"
SUBSYSTEM=="usb", ATTR{idVendor}=="1209", ATTR{idProduct}=="53c1", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n"
KERNEL=="hidraw*", ATTRS{idVendor}=="1209", ATTRS{idProduct}=="53c1",  MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl"

Sourced from https://github.com/trezor/trezor-firmware/tree/master/common/udev

Inhji posted

As of today, akedia supports Webauthn and TOTP for 2Factor Authentication. Some notes on this:

  • TOTP is used as a fallback in case Webauthn cannot be used. I got the idea from gitea
  • My phone does not support Webauthn (yet?). Here TOTP is the only option.
  • Only one U2F Device is supported, which is my Trezor One. In the future I may add the option to add multiple devices.
  • I’m very confused about the state of Webauthn on Android/Firefox. This post on xda says Webauthn is available on certain devices, whatever that means.
  • Google supports Webauthn, afaik it only works with Google Play Services, which I have not installed on my phone. Does that mean Webauthn on Android only works with Google Play Services? Dunno.
  • Webauthn does not work via my Trezor connected via OTG on my phone.

Despite the limited use cases (for now), I’m still very exited for Webauthn. A world without passwords seems too good to be true.