venth/aws-adfs

Security Key not working under macosx

MisterBianco opened this issue · 3 comments

I am using a Thetis U2F FIDO2 security key, and when I use the command:

aws-adfs login --u2f-trigger-default --profile=master --adfs-host=HOSTNAME --no-ssl-verification

I get the following error:

Sending request for authentication
Waiting for additional authentication
Triggering authentication method: 'WAPO4R15C9P36B8RW0BK'
Exception in thread Thread-1:
Traceback (most recent call last):
  File "/Users/_/.pyenv/versions/3.9.0/lib/python3.9/threading.py", line 950, in _bootstrap_inner
    self.run()
  File "/Users/_/.pyenv/versions/3.9.0/lib/python3.9/threading.py", line 888, in run
    self._target(*self._args, **self._kwargs)
  File "/Users/_/.pyenv/versions/3.9.0/lib/python3.9/site-packages/aws_adfs/_duo_authenticator.py", line 126, in _perform_authentication_transaction
    transaction_id = _begin_authentication_transaction(
  File "/Users/_/.pyenv/versions/3.9.0/lib/python3.9/site-packages/aws_adfs/_duo_authenticator.py", line 572, in _begin_authentication_transaction
    raise click.ClickException(
click.exceptions.ClickException: Cannot begin authentication process. The error response: {"stat": "FAIL", "message": "Unknown authentication method."}

I have ensured that the security key is set to be the default device, and I can see from the verbose printout that the query used to find U2F keys is returning 0 results as the key doesn't match the query. I can send the full verbose logs but would prefer it be non-public.

I have also verified that my system recognizes the key correctly.

aws-adfs version: 1.24.5
mac osx: 10.15.7
python version: 3.9.0

Hi @MisterBianco, does your Thetis U2F FIDO2 security key work with the same command on Linux?

I think Duo dropped support for U2F and is now forcing WebAuthn. Had the same thing start happening in my app recently (Golang).

Update:
Looks like Google dropped U2F support and this caused some others to drop support for the protocol.

Ref: https://gitlab.com/gitlab-org/gitlab/-/issues/346662

I've been working on moving from U2F to WebAuthn since last week. Interaction with the website seems OK, but I'm facing issues performing the challenge with the USB key.