This was in part for my Yubikey hardware security toke.
The YubiKey 5Ci and YubiKey 5Ci FIPS are unique among the YubiKey products in that they can connect via the Apple Lightning ® port as well. I install an edge mounted underdesk USB hub and SD card reader for easy access to my USB and SD Cards. Should an exemption be obtained to deploy these devices with some interfaces disabled, the PID and iProduct values will be identical to the YubiKey 4/5 Series. *The YubiKey FIPS (4 Series) and YubiKey 5 FIPS Series devices, when deployed in a FIPS-approved mode, will have all USB interfaces enabled. For all YubiKeys, Yubico’s USB vendor ID (VID) is 0x1050. The CCID interface is enabled when the PIV, OATH or OpenPGP applications are enabled over USB. The FIDO interface is enabled when the U2F or FIDO2 applications are enabled over USB. The OTP interface is enabled when the OTP application is enabled over USB. The USB PID and iProduct string will change depending on which of the USB interfaces enabled and are described in the table below. Listing VID and PID gives administrators more granular control of how the USB restriction policies are implemented, ultimately allowing a successful YubiKey deployment. To enable YubiKeys the administrator must allow list the specific VID (0x1050) and multiple PIDs (See Product ID Table) that are used by the YubiKey. Each USB device has a Vendor ID and a Product ID that can be used to identify the device. An organization that chooses to implement YubiKeys may need to augment their USB device restriction policies, should there be restrictions in place, to allow the YubiKey to be explicitly supported. The YubiKey will present itself as a USB composite device in addition to each individual USB interface. All of the models in the YubiKey 5 Series provide a USB 2.0 interface, regardless of the form factor of the USB connector.
0 kommentar(er)
