starfive-tech / linux

Unable to use FIDO security key #120

Open cwt opened 1 year ago

cwt commented 1 year ago

I use Feitian (Yokey), and Chris also uses YubiKey at 16:55 in this video: https://youtu.be/Na6PT4npsMg?si=ChTsqhIDu-eMq737&t=1015. Both brands were not working because the options CONFIG_USB_HIDDEV and CONFIG_HIDRAW were not enabled in the kernel.

I recompiled my kernel with both options enabled, and my FIDO key works again.

ctsrc commented 6 months ago

Came here to report the same and to request similarly.

For example, in https://wiki.gentoo.org/wiki/PAM/U2F they describe it well:

Kernel

Most U2F USB keys identify themselves as raw HIDs (Human Interface Devices). Two kernel configuration modules are needed:

CONFIG_HID CONFIG_USB_HIDDEV

Enable support for USB Human Interface Devices

Device Drivers --->
   [*] HID Devices --->
     [*] /dev/hidraw raw HID device support
     ...
     USB HID support --->
       [*] /dev/hiddev raw HID device support

In many situations, this kernel configuration is already active. If support for /proc/config.gz is enabled, then the following command can verify proper support is available in the running kernel:

zgrep -E "HID(DEV|RAW)" /proc/config.gz

Running that kernel config support check command on my StarFive VisionFive 2 shows that in the kernel included with the Debian image that is distributed via https://rvspace.org/en/home these options are currently not enabled:

zgrep -E "HID(DEV|RAW)" /proc/config.gz
# CONFIG_HIDRAW is not set
# CONFIG_USB_HIDDEV is not set
cat /proc/version
Linux version 6.1.31-starfive (leo@leo-virtual-machine) (riscv64-unknown-linux-gnu-gcc (g2ee5e430018) 12.2.0, GNU ld (GNU Binutils) 2.40.0.20230214) #1 SMP Mon Mar  4 21:31:49 CST 2024

Please turn these on in the kernel build config.

I am using a Ledger Nano X hardware device with FIDO U2F on it, connected to my VisionFive 2 by USB, and already added the udev rules from https://github.com/Yubico/libfido2/blob/main/udev/70-u2f.rules, but that is not sufficient, and it seems likely that enabling these kernel build config settings would allow it to work.
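
As an added example that is not part of the original thread: a POSIX shell check for the two options discussed above, which also distinguishes an explicit "is not set" line from an option that does not appear in the config at all (a case where the zgrep command prints nothing). The function names and the sample config are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not from the thread; function names are hypothetical.

# Print a kernel config as text: /proc/config.gz is gzip-compressed,
# while /boot/config-<release> is plain text.
read_kernel_config() {
    gzip -cd < "$1" 2>/dev/null || cat "$1"
}

# Read a config on stdin and print the state of option $1:
#   y       enabled
#   unset   explicit "# CONFIG_X is not set" line (the output shown in this issue)
#   absent  no line at all, so zgrep would print nothing for it
option_state() {
    awk -v opt="$1" '
        index($0, opt "=") == 1      { state = substr($0, length(opt) + 2) }
        $0 == "# " opt " is not set" { state = "unset" }
        END                          { print (state == "" ? "absent" : state) }'
}

# Report the two options named in this issue; return 1 unless both are =y.
check_fido_kernel_config() {
    rc=0
    for opt in CONFIG_HIDRAW CONFIG_USB_HIDDEV; do
        state=$(read_kernel_config "$1" | option_state "$opt")
        if [ "$state" = "y" ]; then
            echo "$opt: enabled"
        else
            echo "$opt: NOT enabled ($state)"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample config (not real output): one option off, one on.
sample=$(mktemp)
printf '%s\n' '# CONFIG_HIDRAW is not set' 'CONFIG_USB_HIDDEV=y' > "$sample"
check_fido_kernel_config "$sample" || echo "kernel rebuild needed for FIDO keys"
rm -f "$sample"
# On a live system: check_fido_kernel_config /proc/config.gz
```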