search

Yubico / Yubico.NET.SDK

A YubiKey SDK for .NET developers
Apache License 2.0
96 stars 48 forks source link

Working on windows, but not on linux (ubuntu)? #63

Closed olabacker closed 2 weeks ago

olabacker commented 7 months ago

Hello!

I have been running the following code with yubikey 5 nfc on windows machines a couple of years without issues. Now I needed to do a port to run the same on linux (ubuntu). 

var yubikey= YubiKeyDevice.FindAll().FirstOrDefault()

using var otp = new OtpSession(yubiKey);

var result = otp
    .CalculateChallengeResponse(slot)
    .UseYubiOtp(false)
    .UseChallenge(challenge)
    .GetDataBytes();

The first line is finding my yubikey fine after installing pcscd and fixing the symbolic link to libudev. However I get an exception in the ctor of OtpSession. 

Unhandled exception. System.NotSupportedException: There is no YubiKey interface available to communicate with the requested application.
   at Yubico.YubiKey.YubiKeyDevice.TryConnect(Nullable`1 application, Byte[] applicationId, Boolean throwOnFail, IYubiKeyConnection& connection)
   at Yubico.YubiKey.YubiKeyDevice.Connect(YubiKeyApplication yubikeyApplication)
   at Yubico.YubiKey.Otp.OtpSession..ctor(IYubiKeyDevice yubiKey)

Is this to be expected running on ubuntu?

GregDomzalski commented 6 months ago

Yes, generally things are expected to work on any Linux Distro - Ubuntu being no exception.

Based on this exception, it seems like the SDK is not able to locate the USB Keyboard interface. I know in the past that sometimes you need to set up udev rules for our software to be given non-root access to these devices or to instruct udev to not attach certain drivers to the device.

I'd suggest applying the udev rules listed on this page and seeing if this addresses the issue. https://developers.yubico.com/yubikey-manager/Device_Permissions.html

DennisDyallo commented 2 months ago

Hi @olabacker ! Are you still experiencing this issue?

SheepReaper commented 2 months ago

@olabacker I must ask if you're trying to develop this inside wsl. WSL2 to date does not allow native access to usb devices. There are some neat 3rd party tools that can mount usb devices over ip which will allow you to do this though, so not all hope is lost.

If you're just looking for a way to use YK in wsl, this can be done easily through npiperelay. Whereby windows is driving the device, and ubuntu is using a remote ssh agent. It's simpler than it sounds. I have details if interested.

I'm just trying and failing to mind-read your intentions. Sorry.

I don't use usbip to utilize my YK, something about that feels wrong even though i know it's not leaving the hyper-v network.

DennisDyallo commented 2 weeks ago

Closing due to inactivity. Let us know if any more issues arise or you learn something new!