Closed ln2max closed 3 years ago
OpenBSD is not officially supported by SatoshiLabs.
Please contact OpenBSD maintainer of the trezord package.
OpenBSD is not officially supported by SatoshiLabs.
Please contact OpenBSD maintainer of the trezord package.
There is no trezord package in OpenBSD, only this repository.
In that case maybe @kucharskim (OpenBSD user) or @alexdupre (FreeBSD user) might be able to help you.
trezord
installs and runs fine on OpenBSD, but the actual Trezor device (Trezor One) is not recognized.
I'm wondering what means not recognized
here. I didn't had time yet to properly sit down and look into running trezord
on OpenBSD, but one of the things to be aware of is https://marc.info/?l=openbsd-misc&m=154126108502919&w=2
On a default OpenBSD kernel, Trezor One is recognized, however as uhid(4)
device:
uhidev0 at uhub1 port 1 configuration 1 interface 0 "SatoshiLabs TREZOR" rev 2.00/1.00 addr 9
uhidev0: iclass 3/0
uhid0 at uhidev0: input=64, output=64, feature=0
Based on above link to MARC with email from Colin Bortner, trezord
leverages libusb
under the hood and that software only works with ugen(4)
devices. Above snippet from dmesg command is from kernel:
OpenBSD 6.8-current (GENERIC.MP) #302: Sat Jan 30 21:51:53 MST 2021
deraadt@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
I did only initial research so far, and I did not test properly on my end what Colin Bortner wrote. I would like to look into running trezord
on OpenBSD, but at the moment I'm short on spare time, so not sure when this will happen.
Okay, looking at the openbsd-misc post you linked above, it seems that
he had to rebuild his kernel so the device would be recognized as
ugen0
instead of uhid0
:
libusb on OpenBSD only supports ugen devices. So I added the Trezor to \
usb_quirks, forcing the ugen driver and rebuilt my kernel.
dev/usb/usbdevs.h:
> #define USB_VENDOR_SATOSHILABS 0x534c /* SatoshiLabs */
> #define USB_PRODUCT_TREZOR 0x0001 /* TREZOR */
dev/usb/usb_quirks.c:
> { USB_VENDOR_SATOSHILABS, USB_PRODUCT_TREZOR, ANY, { UQ_BAD_HID }},
And ugen attaches as expected:
> ugen0 at uhub1 port 1 "SatoshiLabs TREZOR" rev 2.00/1.00 addr 7
However, things have also changed a little bit... OpenBSD now does have HIDAPI support.
I don't know how to leverage this to get trezord
working without a
kernel recompile, though.
Any ideas?
Trezor does not use HID anymore but WebUSB, which is very similar but not the same.
Not sure how the WebUSB device is recognized on OpenBSD. That email from 2018 might not be relevant anymore.
On Thu, Feb 11, 2021 at 11:35:58AM -0800, Pavol Rusnak wrote:
Trezor does not use HID anymore but WebUSB, which is very similar but not the same.
WebUSB is disabled in OpenBSD for security reasons (why on earth does a
crypto product need WebUSD...?!) thus we need trezord
.
WebUSB is disabled in OpenBSD
You are confusing WebUSB support in Chrome, which is probably disabled, with WebUSB protocol which is almost exactly the same as HID and it's what Trezor use to communicate with the host.
trezord
installs and runs fine on OpenBSD, but the actual Trezor device (Trezor One) is not recognized.