This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Firefox using FIDO2 Security Keys

more options

Firefox seems to have a problem on Linux using USB Security Keys. I have two Yubico Security Keys which I use for 2FA. The problem seems to be that Firefox cannot communicate with the USB port, as it doesn't make any difference whether the USB Security Key is plugged in or not, the error returned is always the same and the Security Key does not light up.

I believe Firefox's WebAuth code must be fine, as it works on Windows, which is why I think it's some kind of permissions problem. Chrome works perfectly with the Security Keys on my computer.

I've used a number of sites (I've listed a couple below) where you can test your Security Key with Firefox on KDE Neon and the error is always "UnknownError: The operation failed for an unknown transient reason":

https://www.token2.com/tools/fido2-test/ https://demo.yubico.com/webauthn-technical/registration

I cannot log into Bugzilla with GitHub as my GitHub login uses a Security Key as the second factor.

Firefox seems to have a problem on Linux using USB Security Keys. I have two Yubico Security Keys which I use for 2FA. The problem seems to be that Firefox cannot communicate with the USB port, as it doesn't make any difference whether the USB Security Key is plugged in or not, the error returned is always the same and the Security Key does not light up. I believe Firefox's WebAuth code must be fine, as it works on Windows, which is why I think it's some kind of permissions problem. Chrome works perfectly with the Security Keys on my computer. I've used a number of sites (I've listed a couple below) where you can test your Security Key with Firefox on KDE Neon and the error is always "UnknownError: The operation failed for an unknown transient reason": https://www.token2.com/tools/fido2-test/ https://demo.yubico.com/webauthn-technical/registration I cannot log into Bugzilla with GitHub as my GitHub login uses a Security Key as the second factor.

Chosen solution

You can try Firefox from the official Mozilla server if you currently use a version from the repositories of your Linux distribution to see if it behaves differently.

Read this answer in context 👍 1

All Replies (3)

more options

Chosen Solution

You can try Firefox from the official Mozilla server if you currently use a version from the repositories of your Linux distribution to see if it behaves differently.

more options

As you suggested, downloading the official version of Firefox from your website solved the problem. I will post a ticket on KDE Neon's bug tracker that their default installation of Firefox is not configured properly.

Many, many thanks for your help.

more options

This isn't actually a firefox problem. KDE Neon uses the firefox package from the Mozilla Team PPA and there's nothing wrong with that package. The problem is that Neon enables app armor on firefox which breaks access to password managers and security keys. sudo aa-disable usr.bin.firefox works around the problem by disabling app armor for firefox. aa-complain was not sufficient in this case.