Re: Passing through a YubiKey to a Windows VM for physical touch activation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On 3 Nov 2023 14:13 +0100, from b.laessig@xxxxxxxxxxxxxx (Björn Lässig):
> I had 2 smartcard readers for 10 years connected to different virtual
> machines. This worked for me all these years:
>  <hostdev mode='subsystem' type='usb' managed='yes'>
>       <source>
>         <vendor id='0x08e6'/>
>         <product id='0x3478'/>
>       </source>
>       <address type='usb' bus='0' port='4'/>
>  </hostdev>

Thank you! This looks _very_ promising, although I'm not really in a
position to fully test it right now, and I might not be able to do
that until some time next week. Reading at [1] I eventually ended up

    <hostdev mode='subsystem' type='usb' managed='no'>
      <source startupPolicy='optional'>
        <vendor id='0x0000'/>
        <product id='0x0000'/>
      <address type='usb' bus='0' port='N'/>

plus of course everything else to describe the VM and with actual
values for vendor and product ID and port number, to match the setup
of the VM in which I was able to briefly test this.

At the very least, as far as I could tell with a quick test, this lets
me hot plug and hot unplug the YubiKey without virt-manager yelling at
me; makes starting the VM not dependent on the YubiKey being plugged
in; and makes the guest OS recognize it for what it is rather than as
a generic HID keyboard device. Icing on the cake would have been if I
could also restrict redirection based on USB device serial number as
well, but it looks like that's not possible, or at least not readily


Michael Kjörling                     🔗
“Remember when, on the Internet, nobody cared that you were a dog?”
Users mailing list -- users@xxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxx

[Index of Archives]     [Virt Tools]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux