A simple graphical user interface (GUI) tool for managing FIDO2 security keys (such as YubiKeys, Feitian, Token2, or other hardware tokens).
This project was originally built for Fedora Linux, but it also works seamlessly on Arch Linux, CachyOS, and Ubuntu / KDE Neon with the right dependencies installed.
FIDO2 keys are powerful for authentication, but managing them from the command line can be intimidating.
FIDO2‑Key‑Manager provides a lightweight GTK interface to make common tasks easier:
- 🔍 View connected FIDO2 devices
- 📑 Display device information
- 🔐 Manage credentials stored on the key
- 🔄 Change or reset PINs
- 🧹 Perform factory resets (irreversible)
- 🖥️ Run interactive operations in a separate terminal (
xterm) for security and clarity
- Clean GTK‑based GUI
- Tooltips and dialogs for user guidance
- Uses
fido2-tokenunder the hood (fromlibfido2) - Independent terminal (
xterm) for PIN entry and resets
| Distro | Packages to Install |
|---|---|
| Fedora | sudo dnf install xterm python3-fido2 python3-gobject gtk3 |
| Arch/CachyOS | sudo pacman -S xterm libfido2 python-gobject gtk3 |
| Ubuntu / KDE Neon | sudo apt update && sudo apt install xterm python3-fido2 python3-gi libgtk-3-0 fido2-tools |
Run the application from the project directory:
python3 fido2_gui.py(Optional) Make the script executable:
chmod +x fido2_gui.py
./fido2_gui.pyNotes:
- Fedora:
python3-fido2provides the FIDO2 library and CLI tools. On Fedora Workstation,python3-gobjectandgtk3are usually preinstalled. - Arch/CachyOS:
libfido2includes the CLI tools (fido2-token,fido2-cred).python-gobjectandgtk3are required for the GTK GUI. - xterm: Used for PIN entry and factory reset prompts in a separate terminal window.
# Clone the repo
git clone https://github.com/kev2600/FIDO2-Key-Manager.git
cd FIDO2-Key-Manager
# Build and install using PKGBUILD
makepkg -siAfter installation, launch the app from your application menu or by running:
fido2-key-manager# Install prerequisites
sudo dnf install xterm python3-fido2 python3-gobject gtk3
sudo dnf install rpm-build rpmdevtools
# Set up the RPM build tree
rpmdev-setuptree
# Clone the repo (in your home directory)
git clone https://github.com/kev2600/FIDO2-Key-Manager.git
cd FIDO2-Key-Manager
# Copy the spec file into SPECS
cp fido2-key-manager.spec ~/rpmbuild/SPECS/
# Prepare the source tarball (exclude .git, name must match spec)
cd ..
cp -r FIDO2-Key-Manager fido2-key-manager-1.0.0
tar czvf ~/rpmbuild/SOURCES/master.tar.gz --exclude='.git' fido2-key-manager-1.0.0
# Build the RPM
rpmbuild -ba ~/rpmbuild/SPECS/fido2-key-manager.spec
# Install the generated RPM (note the Fedora release tag, e.g. fc43)
sudo dnf install ~/rpmbuild/RPMS/noarch/fido2-key-manager-1.0.0-1.fc$(rpm -E %fedora).noarch.rpmAfter installation, launch the app from your application menu or by running:
fido2-key-manager- PIN changes and factory resets require interactive confirmation in a separate
xtermwindow. - Factory reset is irreversible — all credentials on the key will be wiped.
- Always download dependencies from official repositories to avoid tampered software.
Distributed under the GPL‑3.0 license.
Free to use, modify, and share under the same terms.
Create a test resident credential using a WebAuthn demo site This works on every FIDO2 key: https://webauthn.io
macOS includes full support for FIDO2 devices through libfido2, and the Python FIDO2 library works as well.
The GTK3 GUI should run on macOS using Homebrew, but this is experimental — I don’t have a Mac to test on, so feedback is appreciated.
brew install python3 libfido2 gtk+3 pygobject3
Run the application
python3 fido2_gui.py
If you try this on macOS, please open an Issue and let me know how it behaves — your feedback will help improve cross‑platform support.