You are not logged in.
- Topics: Active | Unanswered
#1 2026-04-15 13:11:38
- awes
- Member
- Registered: 2015-03-13
- Posts: 24
Yubikey + Chromium - webauthn stopped working
Hello!
This used to work correctly, but at some point it stopped — I'm not sure exactly when.
Currently, when I try to authenticate, Chromium shows the prompt window, but it does not react to the YubiKey at all. The LED on the YubiKey also does not light up.
I use KDE+Wayland.
Thanks in advance for any suggestions.
Some logs:
dmesg
Linux 6.19.11-arch1-1 #1 SMP PREEMPT_DYNAMIC Thu, 02 Apr 2026 23:33:01 +0000 x86_64 GNU/Linux
...
[202923.275029] usb 1-9: USB disconnect, device number 39
[202925.373472] usb 1-9: new full-speed USB device number 46 using xhci_hcd
[202925.498547] usb 1-9: New USB device found, idVendor=1050, idProduct=0406, bcdDevice= 5.43
[202925.498559] usb 1-9: New USB device strings: Mfr=1, Product=2, SerialNumber=0
[202925.498562] usb 1-9: Product: YubiKey FIDO+CCID
[202925.498565] usb 1-9: Manufacturer: Yubico
[202925.503461] hid-generic 0003:1050:0406.0053: hiddev100,hidraw4: USB HID v1.10 Device [Yubico YubiKey FIDO+CCID] on usb-0000:00:14.0-9/input0Checking which device is handling FIDO:
fido2-token -L
/dev/hidraw4: vendor=0x1050, product=0x0406 (Yubico YubiKey FIDO+CCID)USB Device:
lsusb | grep -i yubikey
Bus 001 Device 046: ID 1050:0406 Yubico.com Yubikey 4/5 U2F+CCIDPermissions after connecting:
ls -l /dev/hidraw4
crw-rw----+ 1 root root 243, 4 04-15 14:39 /dev/hidraw4Trying chmod, no luck...
chmod 0666 /dev/hidraw4
ls -l /dev/hidraw4
# crw-rw-rw-+ 1 root root 243, 4 04-15 14:39 /dev/hidraw4pcscd service - active, but I don't know if it's needed (I've also checked with pcscd disabled)
systemctl status pcscd
● pcscd.service - PC/SC Smart Card Daemon
Loaded: loaded (/usr/lib/systemd/system/pcscd.service; indirect; preset: disabled)
Active: active (running) since Wed 2026-04-15 14:42:56 CEST; 3s ago
Invocation: f135805663624bab9513f61cca68830d
TriggeredBy: ● pcscd.socketchromium device log - chrome://device-log/
[14:44:52] UI step: kClosed
FIDODebug[14:44:48] Discovery session started.
FIDOEvent[14:44:48] UI step: kCableV2QRCode
FIDODebug[14:44:48] Transport availability checks done
FIDODebug[14:44:48] Discovery started for transport 0
FIDODebug[14:44:48] Transport availability not yet ready
FIDODebug[14:44:48] Discovery started for transport 3
FIDODebug[14:44:48] BLE adapter address 18:93:41:C6:6A:E1
FIDODebug[14:44:48] Transport availability not yet ready
FIDODebug[14:44:48] Bluetooth status enumerated
FIDODebug[14:44:48] Bluetooth status: On
FIDODebug[14:44:48] Transport availability not yet ready
FIDODebug[14:44:48] FidoRequestHandler observer set
FIDOEvent[14:44:48] Starting MakeCredential flow: { "attestation": "direct", "authenticatorSelection": { "residentKey": "discouraged", "userVerification": "discouraged" }, "challenge": "KUz6xUM2nwV1BlvGsBgWd0r19QLJ8ZRMTtlDnYCbvto", "excludeCredentials": [ ], "pubKeyCredParams": [ { "alg": -7, "type": "public-key" }, { "alg": -8, "type": "public-key" }, { "alg": -35, "type": "public-key" }, { "alg": -36, "type": "public-key" }, { "alg": -37, "type": "public-key" }, { "alg": -257, "type": "public-key" }, { "alg": -47, "type": "public-key" }, { "alg": -48, "type": "public-key" }, { "alg": -49, "type": "public-key" }, { "alg": -50, "type": "public-key" } ], "rp": { "id": "demo.yubico.com", "name": "Yubico Demo" }, "timeout": 600000, "user": { "displayName": "Yubico demo user", "id": "KeztCgK6nv4035SKCQAULjJ_GRM2pMqHz0gndGaG9oA", "name": "Yubico demo user" } }
FIDODebug[14:44:48] Transport availability not yet ready
FIDODebug[14:44:48] No need to check for biometrics on this platform
FIDODebug[14:44:48] Checking for bluetooth availability
FIDODebug[14:44:48] Adding discovery for transport 3
FIDODebug[14:44:48] Adding discovery for transport 0
FIDODebug[14:44:48] Initializing FIDO discoveries
FIDOEvent[14:44:48] Enclave authenticator disabled because no suitable accountYubiKey manager info (run as normal user)
I've disabled OTP, since I don't use it.
ykman info
Device type: YubiKey 5 Nano
Serial number: 13828877
Firmware version: 5.4.3
Form factor: Nano (USB-A)
Enabled USB interfaces: FIDO, CCID
Applications
Yubico OTP Disabled
FIDO U2F Enabled
FIDO2 Enabled
OATH Enabled
PIV Enabled
OpenPGP Enabled
YubiHSM Auth EnabledPackaged installed
libfido2 1.16.0-4
python-fido2 2.1.1-1
chromium 147.0.7727.55-1Last edited by awes (2026-04-15 13:14:43)
Offline