Translation(s): none
USBGuard is available on Debian to authorize USB devices on your hosts. According to its documentation:
- USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system). Simply put, it is a USB device whitelisting tool.
Default configuration
From DebianBullseye, when installing USBGuard, the daemon will be automatically started. All currently connected devices will be allowed to be used. When inserting a new device, if this device is not defined in the rules, it will be blocked.
Warning: USBGuard might block all USB devices on first installation or upgrade. If you have only USB keyboards you might be locked out of your system. It can also leave devices flagged as unauthorized on removal.
Manual recovery
To authorize all connected devices:
for d in /sys/bus/usb/devices/*/authorized; do echo 1 > $d; done