Update about passkeys on /e/OS 2.6

As already written in another thread, I was quite curious about /e/OS 2.6 as it potentially opens the door to using passkeys. So, I (partially :wink:) spent my Christmas holidays playing around with the new features and want to give an update.

First of all, what changed with /e/OS 2.6:

  1. Switch to microG v0.3.2.240913-102, i.e. FIDO2 USB-C sticks with PINs should now be supported
  2. Switch to Android v14, i.e. the underlying OS now supports 3rd party passkey providers.

FIDO2 USB-C stick

Unfortunately, option #1 does not work: my FIDO2 USB-C contains a passkey for github.com. When I plug this stick into my FP4 and try to log in on github.com on any major browser (Firefox, Chrome, Edge), nothing happens.

While this was a bit disappointing in the first place, it’s not such a big deal since having a dedicated USB device that I always have to carry with me wasn’t my favorite option anyway.

3rd party passkey providers

I have a Raspberry Pi, so could easily run a Docker Compose stack of the Bitwarden Unified Deployment beta. This took a bit of time due to my network settings at home (reverse proxy, custom Public Key Infrastructure, etc.), but the process was straightforward and rather easy. After an hour or so, I had an up-and-running Bitwarden instance and could connect to it using my Win11 machine. Next, I installed the Bitwarden add-on for Firefox and created a passkey for github.com without any issues.

Now comes the interesting piece: I’ve installed the Bitwarden Android app on my FP4 and could connect to the self-hosted Bitwarden server running on my Raspi without any issues. When navigating to github.com in Firefox for Android, I could successfully use the previously created passkey to login :nerd_face::partying_face:

This setting is now up and running for almost two weeks and several created and used passkeys later, I must admit that I’m more than happy. There are some glitches here and there (e.g. Bitwarden Docker container still runs as root, no distroless Docker image yet), but the main purpose of providing me with a reliable passkey platform works like a charm.

Don’t hesitate to ask any questions :upside_down_face:

4 Likes