Closed m-ueberall closed 5 months ago
@m-ueberall Thank you for the fix! I've commited it in https://github.com/olastor/clevis-pin-fido2/commit/1f4a9b6430ba6a2e492d6b6931f63a84e5042f0f and also changed the default of uv
to be false
(since I think Yubikey should work without explicitly setting this to false
). I noticed the same error yesterday when trying a Yubikey 5, but wasn't able to find the issue right away.
Currently, calls to
fido2-assert
explicitly specify a value for option-t uv
(user verification). At least in conjunction with the current version 1.14.0 of libfido2, this does not work for the Yubikey 5 NFC (tested with a couple of different key versions 5.2.6 … 5.4.3 at hand which also do not supportfido2-token -Su|-Du
). The attached patch yubikey5nfc_uv_patch.txt therefore omits said option if both the specified value isfalse
andfido2-token -I
does not explicitly listuv
underoptions:
. (Default values forpin
,up
,uv
remain unchanged.)