FIDO2 With Linux#
The Nitrokey FIDO2 supports two-factor authentication (2FA) and passwordless authentication:
With passwordless authentication, entering a password is replaced by logging in with the Nitrokey FIDO2 and a PIN.
With two-factor authentication (2FA), the Nitrokey FIDO2 is checked in addition to the password.
The Nitrokey FIDO2 can be used with any current browser.
The Nitrokey App can not be used for the Nitrokey FIDO2.
Check online if your Nitrokey FIDO2 has the latest firmware installed.
Open a web page that supports FIDO2 (currently only Microsoft).
Log in to the website and go to “Set up security key” in the security settings of your account.
Now you need to set a PIN for your Nitrokey FIDO2.
Touch the button of your Nitrokey FIDO2 when prompted.
Once you have successfully configured the device, you will need to activate your Nitrokey FIDO2 this way each time you log in, after entering your PIN.
Two-Factor Authentication (2FA)#
Open one of the websites that support FIDO U2F.
Log in to the website and enable two-factor authentication in your account settings. (In most cases you will find a link to the documentation of the supported web service at dongleauth.com)
Register your Nitrokey FIDO2 in the account settings by touching the button to activate the Nitrokey FIDO2. After you have successfully configured the device, you must activate the Nitrokey FIDO2 this way each time you log in.
You are now ready to go.
If the Nitrokey is not detected, proceed the following:
Copy this file 41-nitrokey.rules to
/etc/udev/rules.d/. In very rare cases, the system will need the older version of this file.
Restart udev via
sudo service udev restart.