diff --git a/README.md b/README.md index 0936727..c19a83b 100644 --- a/README.md +++ b/README.md @@ -13,15 +13,25 @@ This program is basically complete, I am not currently planning to add new featu Disclaimer: This is a personal project, I am not a security expert and make no guarantee of security. -Like any U2F authenticator this program provides a degree of protection against phishing and poorly chosen passwords. It does **not** provide the same level of protection against malware that a hardware authenticator does. For some people the protection against phishing and convenience may be worth the security trade-off. +Like any U2F authenticator this program provides a degree of protection against phishing and poorly chosen passwords. It does **not** provide the same level of protection against malware that a hardware authenticator does. If your machine is compromised by malware, the attacker could steal a copy of the secret keys stored by this authenticator. In this situation you should immediately unregister this authenticator anywhere it is registered in addition to changing the passwords of any potentially compromised accounts. With a hardware authenticator secret keys never leave the device, so in the case of malware you can simply unplug from the infected machine and be confident your accounts are safe from further compromise. ## Installation +After installing, test your new virtual U2F device on a site supporting it such as: https://demo.yubico.com/webauthn-technical/registration + ### Arch -See https://aur.archlinux.org/packages/softu2f/ +Install the AUR package maintained by [@grawity](https://github.com/grawity): https://aur.archlinux.org/packages/softu2f/ + +Then enable and start the installed services: +```bash +systemctl --system enable softu2f.socket +systemctl --user enable softu2f.service +systemctl --system start softu2f.socket +systemctl --user start softu2f.service +``` ### Fedora @@ -40,10 +50,6 @@ sudo apt install -y softu2f systemctl --user start softu2f ``` -After installing, use your new virtual U2F device on a site supporting it such as: https://demo.yubico.com/webauthn-technical/registration - -Note on Ubuntu 16.04 LTS a reboot is required for changes from [dbus-user-session](https://launchpad.net/ubuntu/xenial/+package/dbus-user-session) to take effect. - ## Building See `Dockerfile.debian` or `Dockerfile.fedora` for pre-requisite packages that must be installed.