{{tag>Brouillon}}

= Pb YubiKey FIDO

<code bash>
sudo apt-get install fido2-tools
</code>

<code ->
$ fido2-token -L
/dev/hidraw2: vendor=0x1050, product=0x0407 (Yubico YubiKey OTP+FIDO+CCID)

$ fido2-token -I /dev/hidraw2
proto: 0x02
major: 0x05
minor: 0x02
build: 0x07
caps: 0x05 (wink, cbor, msg)
version strings: U2F_V2, FIDO_2_0, FIDO_2_1_PRE
extension strings: credProtect, hmac-secret
transport strings: nfc, usb
algorithms: es256 (public-key), eddsa (public-key)
aaguid: 2fc0579f811347eab116bb5a8db9202a
options: rk, up, noplat, clientPin, credentialMgmtPreview
maxmsgsiz: 1200
maxcredcntlst: 8
maxcredlen: 128
maxlargeblob: 0
fwversion: 0x0
pin protocols: 1
pin retries: 5
uv retries: undefined

$ FIDO_DEBUG=1 fido2-token -C /dev/hidraw0
fido_hid_unix_open: open /dev/hidraw0: Permission denied
fido_dev_open_tx: dev->io.open
fido2-token: fido_dev_open /dev/hidraw0: FIDO_ERR_INTERNAL 

$ ls -l /dev/hidraw0
crw------- 1 root root 244, 0 Aug  3 19:45 /dev/hidraw0
</code>

<code bash>
curl https://raw.githubusercontent.com/Yubico/libu2f-host/master/70-u2f.rules |sudo tee /etc/udev/rules.d/70-u2f.rules
sudo systemctl restart udev
fido2-token -L
</code>

<code bash>
$ pamu2fcfg >> ~/.config/Yubico/u2f_keys
Enter PIN for /dev/hidraw2:
</code>

Changer le PIN pour FIDO
<code bash>
sudo apt-get install yubikey-manager
</code>

<code bash>
ykman fido access change-pin
</code>