How to disable OpenSC YubiKey password prompt in Firefox

Question

I have a YubiKey nano plugged into a 2019 MacBook Pro.

When I visit some websites (one public example being Gmail), Firefox brings up a password dialog prompting me to enter the YubiKey password. Gmail has nothing to do with my YubiKey. Also, I don't even have the password because my organization does not give us the master key to our YubiKeys.

Password Required - Mozilla Firefox
Please enter the password for the PKCS#11 token
YK-XXX-XXX ..

The only slightly informative additional avenue I've discovered is to go to Settings -> Security Devices and view the OpenSC device information (See the two bottom images).

Is there a way to disable the prompt?

I don't want to ditch Firefox, but this is a daily annoyance and I have googled the subject extensively and feel like I must be missing something!

Answer 1

On the Security Devices Page (Which you can find by clicking on settings and then searching for "Security Devices"), find the OpenSC library and then click unload. This will remove it until you manually re-add the library.

To re-add the library find the path to the opensc library. On (Most) Linux distributions that is /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so. Click Load, specify the correct path (possibly above), and supply an informative name and you are back in action.

Update

A better approach is to go to about:config in your URL bar on firefox and set:

security.osclientcerts.assume_rsa_pss_support:  false

Alternatively, you can edit your user.js file (located in your profile directory) to contain:

user_pref("security.osclientcerts.assume_rsa_pss_support", false);

Answer 2

In my case, the opensc package was installed long ago and wasn't required, so I uninstalled it and resolved this annoyance.

Sorry, this doesn't answer the question if you have to use opensc for something else, but at least a second thought to check if you really need that package.