Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
U2F not working in Snap distribution
See original GitHub issueRelated issues, both closed now:
Description
U2F key is not seen by Brave and it eventually times out offering fallback to TOTP. Journalctl displays these logs, which implies the Snap is missing plugs allowing it to access the U2F device:
Steps to Reproduce
1. snap install --beta brave
2. Try to login to an U2F-enabled website (Bitbucket in my case)
Actual result:
U2F key is not seen by Brave and it eventually times out offering fallback to TOTP. Journalctl displays these logs, which implies the Snap is missing plugs allowing it to access the U2F device:
Nov 06 14:26:17 pax kernel: usb 1-2: new full-speed USB device number 24 using xhci_hcd
Nov 06 14:26:17 pax kernel: usb 1-2: New USB device found, idVendor=1050, idProduct=0120, bcdDevice= 5.02
Nov 06 14:26:17 pax kernel: usb 1-2: New USB device strings: Mfr=1, Product=2, SerialNumber=0
Nov 06 14:26:17 pax kernel: usb 1-2: Product: Security Key by Yubico
Nov 06 14:26:17 pax kernel: usb 1-2: Manufacturer: Yubico
Nov 06 14:26:17 pax kernel: hid-generic 0003:1050:0120.0008: hiddev1,hidraw2: USB HID v1.10 Device [Yubico Security Key by Yubico] on usb-0000:00:14.0-2/input0
Nov 06 14:26:17 pax mtp-probe[5973]: checking bus 1, device 24: "/sys/devices/pci0000:00/0000:00:14.0/usb1/1-2"
Nov 06 14:26:17 pax mtp-probe[5973]: bus: 1, device: 24 was not an MTP device
Nov 06 14:26:17 pax audit[5028]: AVC apparmor="DENIED" operation="open" profile="snap.brave.brave" name="/sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/busnum" pid=5028 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Nov 06 14:26:17 pax audit[5028]: AVC apparmor="DENIED" operation="open" profile="snap.brave.brave" name="/sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/devnum" pid=5028 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Nov 06 14:26:17 pax audit[5028]: AVC apparmor="DENIED" operation="open" profile="snap.brave.brave" name="/sys/devices/pci0000:00/0000:00:14.0/usb1/1-2/1-2:1.0/0003:1050:0120.0008/report_descriptor" pid=5028 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Nov 06 14:26:17 pax mtp-probe[5983]: checking bus 1, device 24: "/sys/devices/pci0000:00/0000:00:14.0/usb1/1-2"
Expected result:
U2F is detected by Brave
Reproduces how often:
Always
Brave version (brave://version info)
Brave | 0.69.135 Chromium: 77.0.3865.120 (Official Build) (64-bit)
-- | --
Revision | 416d6d8013e9adb6dd33b0c12e7614ff403d1a94-refs/branch-heads/3865@{#884}
OS | Linux
JavaScript | V8 7.7.299.13
Flash | (Disabled)
User Agent | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36
Command Line | /snap/brave/61/opt/brave.com/brave/brave-browser --enable-dom-distiller --disable-domain-reliability --disable-chrome-google-url-tracking-client --no-pings --extension-content-verification=enforce_strict --extensions-install-verification=enforce --enable-features=NewExtensionUpdaterService,WebUIDarkMode,SimplifyHttpsIndicator --disable-features=AudioServiceOutOfProcess,AutofillServerCommunication,LookalikeUrlNavigationSuggestionsUI,UnifiedConsent --flag-switches-begin --flag-switches-end
Executable Path | /snap/brave/61/opt/brave.com/brave/brave-browser
Profile Path | /home/kravietz/snap/brave/61/.config/BraveSoftware/Brave-Browser/Default
Version/Channel Information:
$ snap list brave
Name Version Rev Tracking Publisher Notes
brave 0.69.135 61 beta brave -
Other Additional Information:
- Does the issue resolve itself when disabling Brave Shields? NO
- Does the issue resolve itself when disabling Brave Rewards? NO
Miscellaneous Information:
Thread on Snapcraft forum https://forum.snapcraft.io/t/u2f-not-working-in-firefox-snap/14039
Issue Analytics
- State:
- Created 4 years ago
- Reactions:3
- Comments:26 (11 by maintainers)
Top Results From Across the Web
U2F not working in Firefox Snap - Snapcraft forum
When using Firefox installed from snap, U2F key is not seen by Firefox and it eventually times out. Journalctl displays these logs, which...
Read more >U2F keys not working in Ubuntu 22.04? Remove the snap ...
I have 2 older keys working fine, I added some new ones that were able ... issues, it is still better to install...
Read more >Chromium-Browser not recognizing yubikey u2f anymore?
I'm just having a strange problem, seeing it on two different 18.04 machines. I had been using several u2f tokens, some are just...
Read more >Installing Yubico Software on Linux
This article covers a number of methods for installing Yubico software on Linux. Yubico Authenticator. Recommended - Install via Snap Store, ...
Read more >NEW PRODUCT – FIDO U2F Security Key - Adafruit Blog
That's where physical USB tokens can make your life way easier. These work seamlessly on Chrome or Opera web-browsers, with no drivers or ......
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
We added a couple of dependencies to the Snap package in https://github.com/brave/brave-browser-snap/pull/14.
Is this still broken?
this seems like it could be a higher priority given the crypto focus of the browser, can we possibly bounty this? it doesn’t seem like it should be super hard, I am not familiar enough w snaps/apparmor to say for sure but someone with relevant experience probably could