verify pin: smart card error 6983: authentication method blocked

[chriscroome]

I've a laptop and a desktop both runing Debian Bookworm and both with the same configuration and packages (I haven't checked that they do have exactly the same .deb files installed but could do this).

I've a pair of Yubikeys both set up to work with yubikey-agent and also with FIDO2 discoverable keys.

Most servers I need to access have all four public keys installed, some however have old versions of SSHD and only with with yubikey-agent.

On my laptop, by default the yubikey-agent key pair appears to always be used, on my desktop the FIDO2 keys are used as yubikey-agent never seems to work.

I'm trying to work out what the issue is... on my desktop I have this error:

systemctl --user status yubikey-agent 
● yubikey-agent.service - Seamless ssh-agent for YubiKeys
     Loaded: loaded (/usr/lib/systemd/user/yubikey-agent.service; enabled; preset: enabled)
     Active: active (running) since Thu 2022-09-29 12:42:44 BST; 8min ago
       Docs: https://filippo.io/yubikey-agent
   Main PID: 18888 (yubikey-agent)
      Tasks: 16 (limit: 37735)
     Memory: 12.5M
        CPU: 257ms
     CGroup: /user.slice/user-1000.slice/user@1000.service/app.slice/yubikey-agent.service
             └─18888 yubikey-agent -l //run/user/1000/yubikey-agent/yubikey-agent.sock

Sep 29 12:43:39 pn50 yubikey-agent[18888]: 2022/09/29 12:43:39 agent 27: ssh: parse error in message type 27
Sep 29 12:43:39 pn50 yubikey-agent[18888]: 2022/09/29 12:43:39 agent 13: verify pin: smart card error 6983: authentication method blocked

I think the problem is that I never get a PIN prompt, I couldn't find any other issues with this same problem.

Does anyone have any suggestions regarding how I could debug what is going wrong here?