U2f-proxy on 4.2

It would seem adding the following policy works:


u2f.Register * @anyvm sys-usb allow

u2f.Authenticate * @anyvm sys-usb allow

ctap.GetInfo * @anyvm sys-usb allow

ctap.ClientPin * @anyvm sys-usb allow

If you use a webauthn test site without that you’ll see a bunch of
notifications warning that a policy denial has happened. I worked out
the above by adding things until the denials disappeared.

3 Likes