# Allow members of group u2f to access U2F authentication tokens. # 'notify' rules work on /dev/usb/* (used by libu2f-host), # 'attach' rules work on /dev/uhid* (used by web browsers) # Yubico Yubikey notify 100 { match "system" "USB"; match "subsystem" "DEVICE"; match "type" "ATTACH"; match "vendor" "0x1050"; match "product" "(0x0113|0x0114|0x0115|0x0116|0x0120|0x0200|0x0402|0x0403|0x0404|0x0406|0x0407|0x0410)"; action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; }; attach 100 { match "vendor" "0x1050"; match "product" "(0x0113|0x0114|0x0115|0x0116|0x0120|0x0200|0x0402|0x0403|0x0404|0x0406|0x0407|0x0410)"; action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; }; # Happlink (formerly Plug-Up) Security KEY notify 100 { match "system" "USB"; match "subsystem" "DEVICE"; match "type" "ATTACH"; match "vendor" "0x2581"; match "product" "0xf1d0"; action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; }; attach 100 { match "vendor" "0x2581"; match "product" "0xf1d0"; action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; }; # Neowave Keydo and Keydo AES notify 100 { match "system" "USB"; match "subsystem" "DEVICE"; match "type" "ATTACH"; match "vendor" "0x1e0d"; match "product" "(0xf1d0|0xf1ae)"; action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; }; attach 100 { match "vendor" "0x1e0d"; match "product" "(0xf1d0|0xf1ae)"; action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; }; # HyperSecu HyperFIDO notify 100 { match "system" "USB"; match "subsystem" "DEVICE"; match "type" "ATTACH"; match "vendor" "(0x096e|0x2ccf)"; match "product" "0x0880"; action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; }; attach 100 { match "vendor" "(0x096e|0x2ccf)"; match "product" "0x0880"; action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; }; # Feitian ePass FIDO, BioPass FIDO2 notify 100 { match "system" "USB"; match "subsystem" "DEVICE"; match "type" "ATTACH"; match "vendor" "0x096e"; match "product" "(0x0850|0x0852|0x0853|0x0854|0x0856|0x0858|0x085a|0x085b|0x085d)"; action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; }; attach 100 { match "vendor" "0x096e"; match "product" "(0x0850|0x0852|0x0853|0x0854|0x0856|0x0858|0x085a|0x085b|0x085d)"; action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; }; # JaCarta U2F notify 100 { match "system" "USB"; match "subsystem" "DEVICE"; match "type" "ATTACH"; match "vendor" "0x24dc"; match "product" "(0x0101|0x0501)"; action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; }; attach 100 { match "vendor" "0x24dc"; match "product" "(0x0101|0x0501)"; action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; }; # U2F Zero notify 100 { match "system" "USB"; match "subsystem" "DEVICE"; match "type" "ATTACH"; match "vendor" "0x10c4"; match "product" "0x8acf"; action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; }; attach 100 { match "vendor" "0x10c4"; match "product" "0x8acf"; action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; }; # VASCO SeccureClick notify 100 { match "system" "USB"; match "subsystem" "DEVICE"; match "type" "ATTACH"; match "vendor" "0x1a44"; match "product" "0x00bb"; action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; }; attach 100 { match "vendor" "0x1a44"; match "product" "0x00bb"; action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; }; # Bluink Key notify 100 { match "system" "USB"; match "subsystem" "DEVICE"; match "type" "ATTACH"; match "vendor" "0x2abe"; match "product" "0x1002"; action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; }; attach 100 { match "vendor" "0x2abe"; match "product" "0x1002"; action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; }; # Thetis Key notify 100 { match "system" "USB"; match "subsystem" "DEVICE"; match "type" "ATTACH"; match "vendor" "0x1ea8"; match "product" "(0xf025|0xfc25)"; action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; }; attach 100 { match "vendor" "0x1ea8"; match "product" "(0xf025|0xfc25)"; action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; }; # Nitrokey FIDO U2F notify 100 { match "system" "USB"; match "subsystem" "DEVICE"; match "type" "ATTACH"; match "vendor" "0x20a0"; match "product" "0x4287"; action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; }; attach 100 { match "vendor" "0x20a0"; match "product" "0x4287"; action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; }; # Nitrokey FIDO 2 notify 100 { match "system" "USB"; match "subsystem" "DEVICE"; match "type" "ATTACH"; match "vendor" "0x20a0"; match "product" "0x42b1"; action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; }; attach 100 { match "vendor" "0x20a0"; match "product" "0x42b1"; action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; }; # Google Titan U2F notify 100 { match "system" "USB"; match "subsystem" "DEVICE"; match "type" "ATTACH"; match "vendor" "0x18d1"; match "product" "0x5026"; action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; }; attach 100 { match "vendor" "0x18d1"; match "product" "0x5026"; action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; }; # Tomu board + chopstx U2F + SoloKeys notify 100 { match "system" "USB"; match "subsystem" "DEVICE"; match "type" "ATTACH"; match "vendor" "0x0483"; match "product" "(0xcdab|0xa2ca)"; action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; }; attach 100 { match "vendor" "0x0483"; match "product" "(0xcdab|0xa2ca)"; action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; }; # SoloKeys notify 100 { match "system" "USB"; match "subsystem" "DEVICE"; match "type" "ATTACH"; match "vendor" "0x1209"; match "product" "(0x5070|0x50b0)"; action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; }; attach 100 { match "vendor" "0x1209"; match "product" "(0x5070|0x50b0)"; action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; }; # Trezor (One and T models) notify 100 { match "system" "USB"; match "subsystem" "DEVICE"; match "type" "ATTACH"; match "vendor" "0x534c"; match "product" "0x0001"; action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; }; attach 100 { match "vendor" "0x534c"; match "product" "0x0001"; action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; }; notify 100 { match "system" "USB"; match "subsystem" "DEVICE"; match "type" "ATTACH"; match "vendor" "0x1209"; match "product" "(0x53c0|0x53c1)"; action "chgrp u2f /dev/$cdev; chmod g+rw /dev/$cdev"; }; attach 100 { match "vendor" "0x1209"; match "product" "(0x53c0|0x53c1)"; action "chgrp u2f /dev/$device-name; chmod g+rw /dev/$device-name"; };