Greg Steuck <gne...@openbsd.org> wrote: > rsyk...@disroot.org writes: > > > Fabio Martins <fosf...@gmail.com> wrote: > >> About your question, I believe you need to do a tail -f /var/log/messages > > > > this is what I see after pluging the key in the computer: > > > > Apr 7 19:02:06 odin /bsd: uhidev1 at uhub0 port 1 configuration 1 > > interface 1 "GoTrust Idem Key" rev 2.00/1.11 addr 2 > > Apr 7 19:02:06 odin /bsd: uhidev1: iclass 3/0 > > Apr 7 19:02:06 odin /bsd: fido0 at uhidev1: input=64, output=64, feature=0 > > Apr 7 19:02:06 odin /bsd: uhidev2 at uhub0 port 1 configuration 1 > > interface 2 "GoTrust Idem Key" rev 2.00/1.11 addr 2 > > Apr 7 19:02:06 odin /bsd: uhidev2: iclass 3/1 > > Apr 7 19:02:06 odin /bsd: ukbd0 at uhidev2: 8 variable keys, 6 key codes > > Apr 7 19:02:06 odin /bsd: wskbd1 at ukbd0 mux 1 > > Apr 7 19:02:06 odin /bsd: wskbd1: connecting to wsdisplay0 > > Apr 7 19:02:06 odin /bsd: ugen0 at uhub0 port 1 configuration 1 "GoTrust > > Idem Key" rev 2.00/1.11 addr 2 > > This is a good start of debugging effort. We can tell that the kernel is > happy enough with your device. Now you can go one step further and see > if ssh can use it. > > If you are feeling ambitious about debugging this for chrome, try > running it with --enable-logging --v=1 and then look into > ~/.config/chromium/chrome_debug.log for anything matching "fido". > > You can then do the same on Linux and compare the outputs. > > How much do you care about having this extra pin protection? I have been > using a few older FIDO devices for years now, so we know this much > works.
After upgrading to OpenBSD to 7.3 today, the operation started to work in chrome, so the key seems to be useable for me now. (I only encountered a minor difficulty to actually start chrome. It did not start the first time due to some trap, nor the second time, but then it finally started. This behaviour is daunting, but, in the end, the process succeeded.) I do not know why the use of the key did not work before the upgrade, but anyhow. Regarding the question about the PIN: To the extent I understand the PIN is a requirement by the security level to be used. I use the key to communicate with the state (public administration). There the condition is given that the PIN is to be used. Best regards, Ruda
