mykola/opnsense-ports
1
0
Fork 0
forked from Lainports/opnsense-ports
Code Pull requests Activity
opnsense-ports/security/u2f-devd/files/u2f.conf
Franco Fichtner d79bfdcc37 */*: sync with upstream 
Taken from: FreeBSD
2024-05-27 17:48:48 +02:00

305 lines
7.4 KiB
Text
Raw Blame History

# Allow members of group u2f to access U2F authentication tokens.
# 'notify' rules work on /dev/usb/* (used by libu2f-host),
# 'attach' rules work on /dev/uhid* (used by web browsers)
# Yubico Yubikey
notify 100 {
match "system" "USB";
match "subsystem" "DEVICE";
match "type" "ATTACH";
match "vendor" "0x1050";
match "product" "(0x0113|0x0114|0x0115|0x0116|0x0120|0x0200|0x0402|0x0403|0x0404|0x0406|0x0407|0x0410)";
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
};
attach 100 {
match "vendor" "0x1050";
match "product" "(0x0113|0x0114|0x0115|0x0116|0x0120|0x0200|0x0402|0x0403|0x0404|0x0406|0x0407|0x0410)";
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
};
# Happlink (formerly Plug-Up) Security KEY
notify 100 {
match "system" "USB";
match "subsystem" "DEVICE";
match "type" "ATTACH";
match "vendor" "0x2581";
match "product" "0xf1d0";
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
};
attach 100 {
match "vendor" "0x2581";
match "product" "0xf1d0";
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
};
# Neowave Keydo and Keydo AES
notify 100 {
match "system" "USB";
match "subsystem" "DEVICE";
match "type" "ATTACH";
match "vendor" "0x1e0d";
match "product" "(0xf1d0|0xf1ae)";
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
};
attach 100 {
match "vendor" "0x1e0d";
match "product" "(0xf1d0|0xf1ae)";
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
};
# HyperSecu HyperFIDO
notify 100 {
match "system" "USB";
match "subsystem" "DEVICE";
match "type" "ATTACH";
match "vendor" "(0x096e|0x2ccf)";
match "product" "(0x0880|0x0854)";
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
};
attach 100 {
match "vendor" "(0x096e|0x2ccf)";
match "product" "(0x0880|0x0854)";
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
};
# Feitian ePass FIDO, BioPass FIDO2
notify 100 {
match "system" "USB";
match "subsystem" "DEVICE";
match "type" "ATTACH";
match "vendor" "0x096e";
match "product" "(0x0850|0x0852|0x0853|0x0854|0x0856|0x0858|0x085a|0x085b|0x085d)";
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
};
attach 100 {
match "vendor" "0x096e";
match "product" "(0x0850|0x0852|0x0853|0x0854|0x0856|0x0858|0x085a|0x085b|0x085d)";
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
};
# JaCarta U2F
notify 100 {
match "system" "USB";
match "subsystem" "DEVICE";
match "type" "ATTACH";
match "vendor" "0x24dc";
match "product" "(0x0101|0x0501)";
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
};
attach 100 {
match "vendor" "0x24dc";
match "product" "(0x0101|0x0501)";
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
};
# U2F Zero
notify 100 {
match "system" "USB";
match "subsystem" "DEVICE";
match "type" "ATTACH";
match "vendor" "0x10c4";
match "product" "0x8acf";
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
};
attach 100 {
match "vendor" "0x10c4";
match "product" "0x8acf";
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
};
# VASCO SeccureClick
notify 100 {
match "system" "USB";
match "subsystem" "DEVICE";
match "type" "ATTACH";
match "vendor" "0x1a44";
match "product" "0x00bb";
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
};
attach 100 {
match "vendor" "0x1a44";
match "product" "0x00bb";
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
};
# Bluink Key
notify 100 {
match "system" "USB";
match "subsystem" "DEVICE";
match "type" "ATTACH";
match "vendor" "0x2abe";
match "product" "0x1002";
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
};
attach 100 {
match "vendor" "0x2abe";
match "product" "0x1002";
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
};
# Thetis Key
notify 100 {
match "system" "USB";
match "subsystem" "DEVICE";
match "type" "ATTACH";
match "vendor" "0x1ea8";
match "product" "(0xf025|0xfc25)";
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
};
attach 100 {
match "vendor" "0x1ea8";
match "product" "(0xf025|0xfc25)";
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
};
# Nitrokey FIDO U2F
notify 100 {
match "system" "USB";
match "subsystem" "DEVICE";
match "type" "ATTACH";
match "vendor" "0x20a0";
match "product" "0x4287";
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
};
attach 100 {
match "vendor" "0x20a0";
match "product" "0x4287";
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
};
# Nitrokey FIDO 2
notify 100 {
match "system" "USB";
match "subsystem" "DEVICE";
match "type" "ATTACH";
match "vendor" "0x20a0";
match "product" "0x42b1";
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
};
attach 100 {
match "vendor" "0x20a0";
match "product" "0x42b1";
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
};
# Nitrokey 3
notify 100 {
match "system" "USB";
match "subsystem" "DEVICE";
match "type" "ATTACH";
match "vendor" "0x20a0";
match "product" "0x42b2";
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
};
attach 100 {
match "vendor" "0x20a0";
match "product" "0x42b2";
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
};
# Nitrokey 3 Bootloader mode
notify 100 {
match "system" "USB";
match "subsystem" "DEVICE";
match "type" "ATTACH";
match "vendor" "0x20a0";
match "product" "0x42dd";
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
};
attach 100 {
match "vendor" "0x20a0";
match "product" "0x42dd";
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
};
# Google Titan U2F
notify 100 {
match "system" "USB";
match "subsystem" "DEVICE";
match "type" "ATTACH";
match "vendor" "0x18d1";
match "product" "(0x5026|0x9470)";
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
};
attach 100 {
match "vendor" "0x18d1";
match "product" "(0x5026|0x9470)";
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
};
# Tomu board + chopstx U2F + SoloKeys
notify 100 {
match "system" "USB";
match "subsystem" "DEVICE";
match "type" "ATTACH";
match "vendor" "0x0483";
match "product" "(0xcdab|0xa2ca)";
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
};
attach 100 {
match "vendor" "0x0483";
match "product" "(0xcdab|0xa2ca)";
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
};
# SoloKeys
notify 100 {
match "system" "USB";
match "subsystem" "DEVICE";
match "type" "ATTACH";
match "vendor" "0x1209";
match "product" "(0x5070|0x50b0|0xbeee)";
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
};
attach 100 {
match "vendor" "0x1209";
match "product" "(0x5070|0x50b0|0xbeee)";
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
};
# Trezor (One and T models)
notify 100 {
match "system" "USB";
match "subsystem" "DEVICE";
match "type" "ATTACH";
match "vendor" "0x534c";
match "product" "0x0001";
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
};
attach 100 {
match "vendor" "0x534c";
match "product" "0x0001";
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
};
notify 100 {
match "system" "USB";
match "subsystem" "DEVICE";
match "type" "ATTACH";
match "vendor" "0x1209";
match "product" "(0x53c0|0x53c1)";
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
};
attach 100 {
match "vendor" "0x1209";
match "product" "(0x53c0|0x53c1)";
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
};
View git blame Copy permalink