Open delucca opened 2 years ago
I run into this with another command line utility that uses the yubikey to get an SSH certificate. I added the following to my .bashrc, wrapping that utility:
function ssh-add {
local _usbdev=$(lsusb | grep Yubico | awk '{x=$2+0;print x}')
sudo sh -c "echo 'usb${_usbdev}' >/sys/bus/usb/drivers/usb/unbind"
sudo sh -c "echo 'usb${_usbdev}' >/sys/bus/usb/drivers/usb/bind"
sleep 1
/path/to/ssh-add $*
}
This only supports one Yubico device being plugged in, but that's OK for me. It parses the lsusb
output to get the bus device the yubikey is plugged into, resets that bus, sleeps a second (this could be shortened probably), then runs the utility. So far, it seems to work for me.
Hi!
First and foremost, congrats on the project! It is pretty good and solves a pretty big problem for me :)
I've the following setup:
I use them both a lot. My SSH key is mainly for connecting to some servers I manage, but also for pushing commit using Git. My GPG key is used both for encryption, but also for signing git commits.
Anyway, I followed this guide to setup my GPG inside my Yubikey, and it works as expected. But, it seems that the usage of my GPG key somehow breaks the Yubikey-agent.
Let me explain.
Every time I run
git commit ...
I'm prompted by my OS to type my GPG key password (from inside my Yubikey). Them, afterwards, usually I rungit push
and when I do so I got an error like the following:After that, if I check my
yubikey-agent
service, I see the following:Even if I run
systemctl --user restart yubikey-agent.service
the error persists. What I need to do is physically remove the Yubikey, wait 1-2s and them plug it again. Them, restart the Yubikey agent and my SSH key works in thegit push
After that, if I only run commands using my SSH keys (connect to a given server, fetch, push, etc) it works every time. But, as soon as I use my GPG key from within my Yubikey, the same issue happens again.
Anyone have any idea how to fix this?
Edit 1: I've just found out that the same issue happens in the other direciton. If I'm using my Yubikey for the SSH key I can't sign any GPG commits, neither encrypt data (with my GPG key inside the Yubikey). I need to phisically remove and insert again in other do use it for GPG 🤔