Open craftyguy opened 5 years ago
On one of my linux systems running GalliumOS (Ubuntu variant for Chromebooks), I needed to also add MODE="0664", GROUP="plugdev"
to the rule (my user is in the plugdev group. The rule above works fine on debian. The full line I used for Gallium was:
KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a2ca", MODE="0664", GROUP="plugdev", TAG+="uaccess"
I'm guessing this is a misconfiguration of something on my part (e.g. my local user should have access to devices tagged with uaccess, but in my case this is not happening despite the tagging operating properly).
It may also be useful to add a symlink, by appending something like
, SYMLINK+="solokey"
to more easily identify the device in /dev
(otherwise, it gets an entry /dev/hidrawX
with not-very-deterministic X
). Don't forget to udevadm trigger
.
You can check if the permissions work via cat /dev/solokey
(read access) and echo 'Hello, Solo' > /dev/solokey
(write access).
We have some technical documentation under https://solo.solokeys.io/udev/ -- pull requests welcome!
The default rules did not work for me on Ubuntu 18.04. After some playing around, this worked
# Solo
ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a2ca", ATTRS{product}=="Solo", TAG+="uaccess", GROUP="plugdev", SYMLINK+="solokey", KERNEL=="hidraw*", SUBSYSTEM=="hidraw"
The only change seems to be the addition of ATTRS{product}=="Solo"
@stevesong this udev rules worked for me running on Antergos, thanks!
This might be of importance, considering the use of plugdev
in the future https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897916
I'm running on Antergos and i do not have plugdev
group. It's also not listed on https://wiki.archlinux.org/index.php/Users_and_groups#Group_list (although i can't say if that list is up to date or not).
@ahwayakchih (& others)
Is my top-level comment in this issue hidden from folks? The udev rule I posted does not require the plugdev group. It works on Arch Linux (I am using Arch Linux). I'll repost it since it seems that it is not visible for some reason:
/etc/udev/rules.d/70-solo_key.rules
:
# Solo
KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="a2ca", TAG+="uaccess"
@craftyguy your initial issue is visible. not clear to me why you voted down my comment which merely points out that ATTRS{product}=="Solo" was required to make the rules work on Ubuntu 18.04
@craftyguy i have it working here. I was just answering to previous comments. I'm sorry if i wasn't clear about that :).
FYI, it appears that the Yubikey rules are incomplete if you want to use gpg with SSH access. I needed to add this line to get gpg --card-status
to work with a Yubikey:
# Yubico YubiKey: CCID (Smart Card access for gpg)
SUBSYSTEMS=="usb", ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0113|0114|0115|0116|0120|0200|0402|0403|0406|0407|0410", TAG+="uaccess"
This is irrelevant now, but I know similar capability is on the roadmap for solo, so the udev rules and docs will likely need adjustment when the feature is available.
I had to add the following udev rule to get the Solo key to be recognized on Linux:
/etc/udev/rules.d/70-solo_key.rules
: