After a few failures that necessitated tedious kernel swapping I managed to build a working kernel with CONFIG_HIDRAW enabled. So now, it is possible to use a FIDO2 key like my Yubikey pictured above so that it can be used to do 2FA. I more or less followed the instructions for kernel build provided by Sipeed, and now I can use FIDO2 keys properly.
It’s bad enough that support for these kinds of FIDO2 authenticator keys is not as widespread as it could be, with many even highly security-critical online services still not supporting it as an option for 2FA. It is beyond silly that a simple kernel flag that is required to support them should be disabled on a kernel build that is intended for desktop use.
There really ought to be a way to self-host a kernel build too. But I suppose before that we ought to be able to make a u-boot build that can show itself on the laptop screen and use the laptop keyboard too. This is probably going to be a major effort.
Stormwyrm: 蛟龍 
Leave a comment