Yubikey Security Key (u2f) - help requested

[coisbagois]

Hi Yall first post here!

I am having issues getting my YubiKey security key to work properly in Firefox/Chromium. (I have already installed u2f-devd)
I think I've managed to narrow down the issue, when I disable usbhid in /boot/loader.conf it works. BUT then my keyboard multimedia keys stop working.
Here is my current /boot/loader.conf with usbhid enabled:

kern.geom.label.disk_ident.enable="0"
kern.geom.label.gptid.enable="0"
cryptodev_load="YES"
zfs_load="YES"
# AMD Temperature
amdtemp_load="YES"
# Keyboard
ig4_load="YES"
iicbus_load="YES"
iichid_load="YES"
hw.usb.usbhid.enable="1"
# Set volume to 0 to prevent "pop" during boot
hint.pcm.5.vol="0"

So I'm looking to see if there's a way to get usbhid to ignore my Yubikey? If my understanding is correct, I might be able to modify some devd rules to achieve this? If someone can point me in the right direction I would appreciate it! Thank you.

 

[monwarez]

A simple workaround is to do as root: sysctl hw.usb.usbhid.enable=0 before using your yubikey.
As long as your keyboard does not disconnect, multimedia key should still work.
So technically you could do an attach rule, that do the following:

If usbhid is enabled, disable usbhid and reset the device
If usbhid is not enabled, sleep 5sec, and enable usbhid.

Note that the security key work without issue with usbhid (when you have loaded hidraw it should definitely work), if you use fido2-token -L you should see your key.
It is the web browser that need to be patched on FreeBSD to use hidraw when available when they are searching for the fido key.
For instance, using ssh with the security key work when hw.usb.usbhid.enable=1 .