[Pkg-auth-maintainers] Bug#898519: Bug #898519: libpam-u2f: upgrade to 1.0.6 breaks authentication with u2fzero device
Jörg
jkur at corsario.org
Mon May 28 11:30:15 BST 2018
Hi,
thanks for the reply and investigating the issue.
On Sun, May 27, 2018 at 01:08:28AM +0200, Nicolas Braud-Santoni wrote:
> On Sat, May 26, 2018 at 11:18:40PM +0200, Nicolas Braud-Santoni wrote:
> > In the meantime, I am forwarding this bug upstream (against pam-u2f), who
> > might be able to pinpoint the issue faster than I would. (OTOH, several of
> > the pam-u2f upstream developers are in the relevant packaging team and
> > should have received the bug report anyhow.)
>
> Upstream suggested this might be a regression introduced by the implementation
> of the cue option [0]; could you try removing the cue option?
Well, the "cue" option alone did not help.
I've tried several configs.
In the end it's simply the update to pam-u2f-1.0.7 that helps.
The "nodetect" option was introduced and this helps with the u2fzero device.
I tried with the debian source and made and new upstream release.
$ apt source pam-u2f
$ cd pam-u2f-1.0.6
$ uscan
$ uupdate -v 1.0.7 ../pam_u2f-1.0.7.tar.gz
$ dpkg-buildpackage -us -uc
# dpkg -i libpam-u2f_1.0.7-1_amd64.deb
# cat /etc/pam.d/u2f
auth required pam_u2f.so authfile=/etc/u2f_keys interactive nodetect debug
And it works.
Therefore, i think a new release to 1.0.7 would solve the issue.
As far as understand an update of libu2f-host and libu2f-server is not needed.
See also https://github.com/Yubico/pam-u2f/issues/97 for more logs.
Greetings,
Jörg
--
Jörg (j at corsario.org)
GPG-ID: 0xFAE26711E6EBF94D
Fingerprint: 8A79 8BF8 0A04 60EA A004 7E42 FAE2 6711 E6EB F94D
More information about the Pkg-auth-maintainers
mailing list