[pve-devel] [RFC/Draft] U2F Authentication

Alexandre DERUMIER aderumier at odiso.com
Fri May 25 15:12:38 CEST 2018


>>I only have a yubikey4 to test which uses u2f/fido compatible with 
>>libu2f-server. There seems to exist a libfido2 - not in debian though, 
>>and I don't know about browser compatibility there. The general API 
>>structure seems to be the same though, so adding another variant should 
>>work as well, but I don't think my yubikey speaks the new protocol, so 
>>I'd need a new device first to be able to work on that. 
>>I should go over the ticket changes again to make sure it's extensible 
>>in a sane way for later. 

ok thanks.

we don't use yubikey yet, but fido2 (w3c webauthn) seem to be interesting.
afaik, firefox 60 already support it and chrome soon.

I'll try to buy it to test.



----- Mail original -----
De: "Wolfgang Bumiller" <w.bumiller at proxmox.com>
À: "aderumier" <aderumier at odiso.com>
Cc: "pve-devel" <pve-devel at pve.proxmox.com>
Envoyé: Vendredi 25 Mai 2018 10:15:44
Objet: Re: [pve-devel] [RFC/Draft] U2F Authentication

On Thu, May 24, 2018 at 04:57:56PM +0200, Alexandre DERUMIER wrote: 
> does it work with fido2/webauthn too ? 
> 
> https://www.w3.org/2018/04/pressrelease-webauthn-fido2.html.en 

I only have a yubikey4 to test which uses u2f/fido compatible with 
libu2f-server. There seems to exist a libfido2 - not in debian though, 
and I don't know about browser compatibility there. The general API 
structure seems to be the same though, so adding another variant should 
work as well, but I don't think my yubikey speaks the new protocol, so 
I'd need a new device first to be able to work on that. 
I should go over the ticket changes again to make sure it's extensible 
in a sane way for later. 



More information about the pve-devel mailing list