forked from Lainports/opnsense-ports
195 lines
4.7 KiB
Text
195 lines
4.7 KiB
Text
# Allow members of group u2f to access U2F authentication tokens.
|
|
# 'notify' rules work on /dev/usb/* (used by libu2f-host),
|
|
# 'attach' rules work on /dev/uhid* (used by web browsers)
|
|
|
|
# Yubico Yubikey
|
|
notify 100 {
|
|
match "system" "USB";
|
|
match "subsystem" "DEVICE";
|
|
match "type" "ATTACH";
|
|
match "vendor" "0x1050";
|
|
match "product" "(0x0113|0x0114|0x0115|0x0116|0x0120|0x0200|0x0420|0x0403|0x0406|0x0407|0x0410)";
|
|
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
|
|
};
|
|
|
|
attach 100 {
|
|
match "vendor" "0x1050";
|
|
match "product" "(0x0113|0x0114|0x0115|0x0116|0x0120|0x0200|0x0420|0x0403|0x0406|0x0407|0x0410)";
|
|
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
|
|
};
|
|
|
|
# Happlink (formerly Plug-Up) Security KEY
|
|
notify 100 {
|
|
match "system" "USB";
|
|
match "subsystem" "DEVICE";
|
|
match "type" "ATTACH";
|
|
match "vendor" "0x2581";
|
|
match "product" "0xf1d0";
|
|
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
|
|
};
|
|
|
|
attach 100 {
|
|
match "vendor" "0x2581";
|
|
match "product" "0xf1d0";
|
|
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
|
|
};
|
|
|
|
# Neowave Keydo and Keydo AES
|
|
notify 100 {
|
|
match "system" "USB";
|
|
match "subsystem" "DEVICE";
|
|
match "type" "ATTACH";
|
|
match "vendor" "0x1e0d";
|
|
match "product" "(0xf1d0|0xf1ae)";
|
|
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
|
|
};
|
|
|
|
attach 100 {
|
|
match "vendor" "0x1e0d";
|
|
match "product" "(0xf1d0|0xf1ae)";
|
|
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
|
|
};
|
|
|
|
# HyperSecu HyperFIDO
|
|
notify 100 {
|
|
match "system" "USB";
|
|
match "subsystem" "DEVICE";
|
|
match "type" "ATTACH";
|
|
match "vendor" "(0x096e|0x2ccf)";
|
|
match "product" "0x0880";
|
|
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
|
|
};
|
|
|
|
attach 100 {
|
|
match "vendor" "(0x096e|0x2ccf)";
|
|
match "product" "0x0880";
|
|
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
|
|
};
|
|
|
|
# Feitian ePass FIDO
|
|
notify 100 {
|
|
match "system" "USB";
|
|
match "subsystem" "DEVICE";
|
|
match "type" "ATTACH";
|
|
match "vendor" "0x096e";
|
|
match "product" "(0x0850|0x0852|0x0853|0x0854|0x0856|0x0858|0x085a|0x085b)";
|
|
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
|
|
};
|
|
|
|
attach 100 {
|
|
match "vendor" "0x096e";
|
|
match "product" "(0x0850|0x0852|0x0853|0x0854|0x0856|0x0858|0x085a|0x085b)";
|
|
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
|
|
};
|
|
|
|
# JaCarta U2F
|
|
notify 100 {
|
|
match "system" "USB";
|
|
match "subsystem" "DEVICE";
|
|
match "type" "ATTACH";
|
|
match "vendor" "0x24dc";
|
|
match "product" "0x0101";
|
|
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
|
|
};
|
|
|
|
attach 100 {
|
|
match "vendor" "0x24dc";
|
|
match "product" "0x0101";
|
|
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
|
|
};
|
|
|
|
# U2F Zero
|
|
notify 100 {
|
|
match "system" "USB";
|
|
match "subsystem" "DEVICE";
|
|
match "type" "ATTACH";
|
|
match "vendor" "0x10c4";
|
|
match "product" "0x8acf";
|
|
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
|
|
};
|
|
|
|
attach 100 {
|
|
match "vendor" "0x10c4";
|
|
match "product" "0x8acf";
|
|
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
|
|
};
|
|
|
|
# VASCO SeccureClick
|
|
notify 100 {
|
|
match "system" "USB";
|
|
match "subsystem" "DEVICE";
|
|
match "type" "ATTACH";
|
|
match "vendor" "0x1a44";
|
|
match "product" "0x00bb";
|
|
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
|
|
};
|
|
|
|
attach 100 {
|
|
match "vendor" "0x1a44";
|
|
match "product" "0x00bb";
|
|
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
|
|
};
|
|
|
|
# Bluink Key
|
|
notify 100 {
|
|
match "system" "USB";
|
|
match "subsystem" "DEVICE";
|
|
match "type" "ATTACH";
|
|
match "vendor" "0x2abe";
|
|
match "product" "0x1002";
|
|
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
|
|
};
|
|
|
|
attach 100 {
|
|
match "vendor" "0x2abe";
|
|
match "product" "0x1002";
|
|
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
|
|
};
|
|
|
|
# Thetis Key
|
|
notify 100 {
|
|
match "system" "USB";
|
|
match "subsystem" "DEVICE";
|
|
match "type" "ATTACH";
|
|
match "vendor" "0x1ea8";
|
|
match "product" "0xf025";
|
|
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
|
|
};
|
|
|
|
attach 100 {
|
|
match "vendor" "0x1ea8";
|
|
match "product" "0xf025";
|
|
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
|
|
};
|
|
|
|
# Nitrokey FIDO U2F
|
|
notify 100 {
|
|
match "system" "USB";
|
|
match "subsystem" "DEVICE";
|
|
match "type" "ATTACH";
|
|
match "vendor" "0x20a0";
|
|
match "product" "0x4287";
|
|
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
|
|
};
|
|
|
|
attach 100 {
|
|
match "vendor" "0x20a0";
|
|
match "product" "0x4287";
|
|
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
|
|
};
|
|
|
|
# Google Titan U2F
|
|
notify 100 {
|
|
match "system" "USB";
|
|
match "subsystem" "DEVICE";
|
|
match "type" "ATTACH";
|
|
match "vendor" "0x18d1";
|
|
match "product" "0x5026";
|
|
action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev";
|
|
};
|
|
|
|
attach 100 {
|
|
match "vendor" "0x18d1";
|
|
match "product" "0x5026";
|
|
action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name";
|
|
};
|