DataDog / yubikey

YubiKey at Datadog
MIT License

Any reason this shouldn’t work on a YubiKey 5Ci? #31

Closed mikl closed 5 years ago

mikl commented 5 years ago

I wanted to set up gpg using your script, but I was greeted with this somewhat disappointing message:

Sorry, but we do not support your YubiKey version: 5Ci

Are there any significant differences between 5C and 5Ci (other than the physical plugs)? Any reason the script would not work on a 5Ci?

trishankatdatadog commented 5 years ago

Thanks for reporting the issue! No, I don't think so. Could you try updating your local copy of this line, and see if everything works for you?

mikl commented 5 years ago

Ok, I tried the gpg script, and I have a few notes:

  1. The script expects you to have git installed from Homebrew and fails if it is not present.
  2. If gnupg is installed by Homebrew, but not linked (i.e. you get the warning Warning: gnupg 2.2.17 is already installed, it's just not linked while installing), the script will fail, since it expects /usr/local/bin/gpgconf to be present. I expect this happened to me because I had GPG installed from https://gpgtools.org/

Working around these, it still fails while trying to set the GPG key on device, here’s how it looked on my shell:

Please save this new Admin PIN immediately in your password manager.
Have you done this? yes

Yubikey status:
Reader ...........: Yubico YubiKey OTP FIDO CCID
Application ID ...: [snip]
Version ..........: 3.4
Manufacturer .....: Yubico
Serial number ....: [snip]
Name of cardholder: [not set]
Language prefs ...: [not set]
Sex ..............: unspecified
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: not forced
Key attributes ...: rsa2048 rsa2048 rsa2048
Max. PIN lengths .: 127 127 127
PIN retry counter : 3 0 3
Signature counter : 0
KDF setting ......: on
Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]
General key info..: [none]

RESETTING THE OPENGPG APPLET ON YOUR YUBIKEY!!!
WARNING! This will delete all stored OpenPGP keys and data and restore factory settings? [y/N]: y
Resetting OpenPGP data, don't remove your YubiKey...
Success! All data has been cleared and default PINs are set.
PIN:         123456
Reset code:  NOT SET
Admin PIN:   12345678

Backing up /Users/mikl/.gnupg/gpg-agent.conf to /Users/mikl/.gnupg/gpg-agent.conf.[snip]
Using *default* GPG homedir: /Users/mikl/.gnupg

Turning off Yubikey OTP:
spawn ykman mode FIDO+CCID
Set mode of YubiKey to FIDO+CCID? [y/N]: y
Now generating your GPG keys on the Yubikey itself.
spawn gpg --homedir=/Users/mikl/.gnupg --card-edit
gpg: selecting openpgp failed: Operation not supported by device
gpg: OpenPGP card not available: Operation not supported by device
gpg: Sorry, no terminal at all requested - can't get input
send: spawn id exp7 not open
    while executing
"exp_send -s -- $arg"
    (procedure "send" line 3)
    invoked from within
"send -- "admin\r""
    (file "./expect.sh" line 78)

I’m not sure whether this failure is also triggered by me having GPG from https://gpgtools.org/ installed. It might be worth adding a note about this script not being compatible with that.

Hope this is useful, in any case thanks for creating this.
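
The report above lists three points where the setup broke: git was expected from Homebrew, /usr/local/bin/gpgconf was expected to exist, and gpg --card-edit failed with "Operation not supported by device" only after the applet had already been reset. As an added example, not part of the DataDog/yubikey scripts, here is a preflight script that checks where the gpg binaries come from, whether the YubiKey USB mode includes CCID, and whether gpg can see the OpenPGP applet, so that an environment problem is reported before anything destructive runs. The Homebrew and GPGTools install layouts, the "Current connection mode is:" line of ykman mode, and the sample outputs are assumptions constructed for the example; the card-status fields mirror the transcript in this issue.

```shell
#!/usr/bin/env bash
# Added example, not DataDog/yubikey's code: preflight checks to run before an
# expect-driven OpenPGP setup resets the applet. Command output formats and
# install paths below are assumptions, not taken from the project.
set -u

# Follow symlinks by hand (macOS readlink has no -f on older releases).
resolve_link() {
  local p="$1" target
  while [ -L "$p" ]; do
    target=$(readlink "$p")
    case "$target" in
      /*) p="$target" ;;
      *)  p="$(dirname "$p")/$target" ;;
    esac
  done
  printf '%s\n' "$p"
}

# Classify a resolved gpg/gpgconf path: homebrew, gpgtools or other.
# Assumed layouts: Homebrew links into <prefix>/Cellar, GPGTools into /usr/local/MacGPG2.
gpg_source() {
  case "$1" in
    */Cellar/*)  echo homebrew ;;
    */MacGPG2/*) echo gpgtools ;;
    *)           echo other ;;
  esac
}

# mode_has_ccid OUTPUT: succeed if `ykman mode` output lists a CCID interface.
# The "Current connection mode is: OTP+FIDO+CCID" line is an assumed format.
mode_has_ccid() {
  printf '%s\n' "$1" | grep -E '^Current connection mode is: .*CCID' >/dev/null
}

# card_status_ok OUTPUT: succeed if `gpg --card-status` output shows a card
# (an "Application ID" line) rather than an error such as
# "OpenPGP card not available".
card_status_ok() {
  printf '%s\n' "$1" | grep -E '^Application ID' >/dev/null
}

# pin_retries OUTPUT: print the three counters from the
# "PIN retry counter : 3 0 3" line (user PIN, reset code, admin PIN),
# or -1 with a non-zero status if the line is missing.
pin_retries() {
  local line counters
  line=$(printf '%s\n' "$1" | grep '^PIN retry counter' || true)
  [ -n "$line" ] || { echo -1; return 1; }
  counters=${line##*: }
  set -- $counters
  echo "${1:-0} ${2:-0} ${3:-0}"
}

# preflight: run the checks against the live machine. Needs gpg, ykman and a
# plugged-in YubiKey, so it is only invoked with --run (see below).
preflight() {
  local gpgconf src mode status retries
  gpgconf=$(command -v gpgconf) || { echo "gpgconf not on PATH: install gnupg with Homebrew"; return 1; }
  src=$(gpg_source "$(resolve_link "$gpgconf")")
  if [ "$src" != homebrew ]; then
    echo "gpgconf at $gpgconf resolves to a $src install; expected Homebrew gnupg (try: brew link gnupg)"
    return 1
  fi
  mode=$(ykman mode) || { echo "ykman mode failed: is ykman installed and the key plugged in?"; return 1; }
  mode_has_ccid "$mode" || { echo "YubiKey USB mode has no CCID interface: $mode"; return 1; }
  status=$(gpg --card-status 2>&1) || true
  card_status_ok "$status" || { echo "gpg cannot see the OpenPGP applet:"; echo "$status"; return 1; }
  retries=$(pin_retries "$status")
  echo "gpg: $src; USB mode OK; card visible; PIN retries (user/reset/admin): $retries"
}

# Constructed sample outputs used for the offline self-check; not real devices.
SAMPLE_MODE_CCID='Current connection mode is: OTP+FIDO+CCID
Supported USB interfaces are: OTP, FIDO, CCID'
SAMPLE_MODE_NOCCID='Current connection mode is: OTP+FIDO
Supported USB interfaces are: OTP, FIDO, CCID'
SAMPLE_STATUS='Reader ...........: Yubico YubiKey OTP FIDO CCID
Application ID ...: (constructed sample)
Version ..........: 3.4
PIN retry counter : 3 0 3
Signature key ....: [none]'
SAMPLE_STATUS_ERR='gpg: selecting openpgp failed: Operation not supported by device
gpg: OpenPGP card not available: Operation not supported by device'

if [ "${1:-}" = "--run" ]; then
  preflight
fi
```

Run it as `bash preflight.sh --run` on the target Mac before the project's own gpg script; a failing check stops before the applet reset, which is the point at which the transcript above had already wiped the device.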

trishankatdatadog commented 5 years ago

No problem, and thanks for trying this.

Sorry, but we support only Homebrew and friends. We've run into issues with GPGTools before, and would rather not officially support it. Good luck!

trishankatdatadog commented 5 years ago

closed by 6f2fccf910b1c1a8d1ec53359c98abc678b08b61