This bug was fixed in the package systemd - 229-4ubuntu5
---------------
systemd (229-4ubuntu5) xenial-proposed; urgency=medium
* debian/udev.postinst: Don't fail if /var/log/udev is a directory.
(LP: #1574004)
* Set MAC based name for USB network interfaces only for universally
administered (i. e. stable) MACs, not for locally administered (i. e.
randomly generated) ones. Drop /lib/systemd/network/90-mac-for-usb.link
(as link files don't currently support globs for MACAddress=) and replace
with an udev rule in /lib/udev/rules.d/73-special-net-names.rules.
(Closes: #812575, LP: #1574483)
* debian/extra/init-functions.d/40-systemd: Invoke status command with
--no-pager, to avoid blocking scripts that call an init.d script with
"status" with an unexpected pager process. (Closes: #765175, LP: #1576409)
* Add debian/extra/rules/70-debian-uaccess.rules: Make FIDO U2F dongles
accessible to the user session. This avoids having to install libu2f-host0
(which isn't discoverable at all) to make those devices work.
(LP: #1387908)
* On shutdown, unmount /tmp before disabling swap. (Closes: #788303)
-- Martin Pitt <martin.p...@ubuntu.com> Mon, 02 May 2016 15:04:42
-0500
** Changed in: systemd (Ubuntu Xenial)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1387908
Title:
[udev] FIDO u2f security keys should be supported out of the box
Status in systemd package in Ubuntu:
Fix Committed
Status in systemd source package in Trusty:
Confirmed
Status in systemd source package in Xenial:
Fix Released
Bug description:
[Impact]
* Users plugin U2F key and it does not work in Google Chrome
[Test Case]
* Have stock ubuntu install, without custom U2F rules or libu2f-host0
installed
* Use U2F factor authentication website e.g. google apps, github,
yubico, etc.
* Pluging in the key, should just work and complete U2F
authentication instead of timing out
[Regression Potential]
* Should not conflict with libu2f-host0 udev rules which is where
these are currently shipped
FIDO u2f is an emerging standard for public-private cryptography based
2nd factor authentication, which improves on OTP by mitigating
phishing, man-in-the-middle attacks and reply attacks.
Google Chrome supports u2f devices which are now widely available from
Yubico (new premium neo Yubikeys and Security keys).
However, udev rules are required to setup permissions to allow the
web-browsers which are running as regular users to access the devices
in question.
E.g.:
KERNEL=="hidraw*", SUBSYSTEM=="hidraw", MODE="0664", GROUP="plugdev",
ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0113|0114|0115|0116|0120"
Something like that should be enabled by default, however probably not
encode on the vendor/productid as other vendors will also make u2f
devices.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1387908/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
