Yubikey with FIDO2 (or FIDO1 U2F) not recognized in non-WSL guest

[rbeede]

I am attempting to use a Yubikey 5 (and also 4) inside an Ubuntu 22 Hyper-V guest (not WSL). I specifically want WebAuthN FIDO2 mode in a Chrome/Firefox browser.

I have been successful in sharing from the host and attaching to the USB in the guest, but it appears the necessary USB communication for FIDO2/U2F is not working. This issue seems a little similar to https://github.com/dorssel/usbipd-win/issues/97, but I'm not trying to get OTP (/dev/console) functionality.

From host hypervisor

usbipd bind --busid=3-2

From the Ubuntu 22 guest VM in Hyper-V

usbip list --remote=192.168.1.200
Exportable USB devices
======================
 - 192.168.1.200
        3-2: Yubico.com : Yubikey 4/5 OTP+U2F (1050:0403)
           : USB\VID_1050&PID_0403\6&16D50F4A&0&2
           : (Defined at Interface level) (00/00/00)
           :  0 - Human Interface Device / Boot Interface Subclass / Keyboard (03/01/01)
           :  1 - Human Interface Device / No Subclass / None (03/00/00)

sudo usbip attach --remote=192.168.1.200 --busid=3-2

lsusb
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 006: ID 1050:0403 Yubico.com Yubikey 4/5 OTP+U2F
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub

Yubikey Manager GUI on the guest does see the Yubikey, but trying to auth process with Chrome/Firefox just fails. Doing a WebAuthN FIDO2 (or fido1 u2f) press on the host hypervisor works fine (when not attached to the guest).

[dorssel]

Maybe an additional driver is required in the WSL kernel? Are there any errors logged when you do: https://github.com/dorssel/usbipd-win/wiki/Troubleshooting? Anything in WSL syslog?

[rbeede]

To clarify, I am not using WSL but an independent Ubuntu 22 guest VM running in Hyper-V.

No unexpected errors in the Application event viewer logs. I'll dig into other Ubuntu kernel drivers that may be needed for Yubikeys.