To utilize the browser-based Via or Keychron Launcher applications on Linux, you need to adjust some permission settings. By default, your user account lacks the permissions to transmit arbitrary commands via USB. This limitation has its benefits, as Firefox also does not support WebUSB due to security concerns. However, these browser-based applications depend on this functionality.
Giving permissions
The recommended approach to grant user permissions is to use udev rules that can target specific devices. These rules are maintained in the directory /etc/udev/rules.d/. We will create a new rule for Via with the following content:
sudo nano /etc/udev/rules.d/99-via-usb.rules# keychron k3 max
KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="3434", ATTRS{idProduct}=="0a31", MODE="0666", GROUP="users", TAG+="uaccess", TAG+="udev-acl"If you’re using a different keyboard, you can identify its idVendor and idProduct by executing lsusb, which will output a line such as:
Bus 001 Device 024: ID 3434:0a31 Keychron Keychron K3 MaxAlthough you could just omit the ATTRS filter, doing so would grant the browser access to all HID devices, which poses security risks.
To apply the new rules run:
sudo udevadm control --reload-rules && sudo udevadm triggerYou can verify that everything is working as expected by visiting chrome://device-log/ after trying to connect to the device and check for access denied message.
Keychron additions
For users of the Keychron launcher, you should also incorporate the following line:
# keychron k3 max stm bootloader
SUBSYSTEM=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="df11", MODE="0666", GROUP="users", TAG+="uaccess", TAG+="udev-acl"This line enables firmware updates when the keyboard is in bootloader mode.
Similarly, add this line to allow the browser to access the 2.4GHz dongle:
# keychron link
SUBSYSTEM=="usb", ATTRS{idVendor}=="3434", ATTRS{idProduct}=="d030", MODE="0666", GROUP="users", TAG+="uaccess", TAG+="udev-acl"