If you use a yubikey for two-factor authentication, you may be surprised to find it not working on Fedora 27. After installing, I could not use FIDO U2F in the browser when logging into an account. I then reproduced the issue using yubico’s own U2F demo page using both Firefox and Vivaldi browsers. I found nothing unusual in the systemd journal. At this point, I googled “yubikey neo fedora broken” and found a recent GitHub issue filed against the yubico authenticator application. Apparently, the “PC/SC Smart Card Daemon Activation Socket” needs to be enabled for the YubiKey to work, but it is not enabled or running (listening) by default in Fedora 27. Thanks to the effort of a yubico engineer, I found the root cause and fix. In short:
# Check whether the socket is running (listening)
systemctl status pcscd.socket
# Enable listening on the socket (to persist across boots)
systemctl enable pcscd.socket
# Start listening
systemctl start pcscd.socket