U2F and Firefox on Funtoo

U2F is pretty neat. It can be used locally on a machine for authentication and for two factor authentication on websites. There are even plugins for using it on WordPress powered websites. At the time this article was written, Firefox does not enable U2F by default. Though, that looks to be changing with Firefox 68.

Enable U2F in Firefox

Enabling U2F in Firefox is fairly straightforward. In the URL bar enter: about:config. Then search for u2f. There should be an entry: security.webauth.u2f, set it to true.

Install pam_u2f

However, simply enabling U2F in Firefox is not enough for a U2F device to work. To get everything working, pam_u2f needs to be installed. On Funtoo, this is quite simple:

emerge -av pam_u2f

After installing pam_u2f, Firefox should now be able to query your U2F key.

U2F and KDE/SDDM on Funtoo

U2F keys, such as the yubico YubiKey are relatively easy and inexpensive way to add two factor authentication to one’s workstation. Adding U2F authentication to local accounts on a linux machine is quite easy. In Gentoo/Funtoo, the pam_u2f ebuild will provide everything you need to get started.

Continue reading