Bugzilla – Bug 1212038
Yubikey RPM missing udev rules file to access device by non-root user
Last modified: 2023-06-06 15:41:38 UTC
Based upon my forum topic: https://forums.opensuse.org/t/yubikey-not-recognized-unless-using-sudo/166643/5 I installed Yubikey manager from the official repository. My key (Yubikey Standard/ Legacy) is not recognized by the manager application when the application is run as non-root user. The device upon insertion is not seen. Executing "lsusb | grep Yubikey" does show the info. Executing "ykman info" does return: No Yubikey detecded Executing "sudo ykman info" does return the values for the Yubikey. This is resolved by creating a udev rule: sudo vi /usr/lib/udev/rules.d/99-yubikeys.rules Insert: SUBSYSTEMS=="usb", ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0116", TAG+="uaccess"
Tinkering on Leap 15.4 to replicate my steps. I also need to add these 2 udev rules: https://github.com/Yubico/yubikey-personalization/blob/master/69-yubikey.rules https://github.com/Yubico/yubikey-personalization/blob/master/70-yubikey.rules Than inserting the key gets recognized by yubikey manager.
Assigning to yubikey-manager maintainers. There is a similar udev file in the package "ykpers". You can check if installing that already helps.
Install "libfido2-udev" package only. This includes the 70-yubikey.rules with a patch for group rules.
The libfido2-udev package adds "70-fido2.rules". The contents for the 70-fido2.rules contains the contents as found here: https://github.com/Yubico/libfido2/blob/main/udev/70-u2f.rules Adding the libfido2-udev package does not add the 69-yubikey.rules, 70-yubikey.rules and 99-yubikeys.rules rules that were needed to recognize the device as non-root user. Installing ykpers package does add the 69-yubikey.rules to my system.
I created a fresh Virtualbox with Leap 15.4 Installing yubikey-manager-qt and ykpers does make sure a non-root user can interact with the key using ykman on the terminal. However in yubikey-manager the Yubikey is not recognized.