Closed PureTryOut closed 1 year ago
Can you please share the nitropy log file for a nitropy nk3 list
call? You should find it in /tmp
. If you don’t want to share it publicly, you can also send it to robin@nitrokey.com.
405 INFO pynitrokey.cli Timestamp: 2023-05-01 13:04:21.252728
405 INFO pynitrokey.cli OS: uname_result(system='Linux', node='spaceblade', release='6.1.26-0-lts', version='#1-Alpine SMP PREEMPT_DYNAMIC Thu, 27 Apr 2023 06:35:14 +0000', machine='x86_64')
405 INFO pynitrokey.cli Python version: 3.11.3
410 INFO pynitrokey.cli pynitrokey version: 0.4.36
411 INFO pynitrokey.cli cryptography version: 40.0.2
412 INFO pynitrokey.cli ecdsa version: 0.18.0
412 INFO pynitrokey.cli fido2 version: 1.1.1
413 INFO pynitrokey.cli pyusb version: 1.2.1
413 INFO pynitrokey.cli spsdk version: 1.10.0
964 INFO libusbsio Loading SIO library: /usr/lib/python3.11/site-packages/libusbsio/bin/linux_x86_64/libusbsio.so
965 INFO libusbsio HID enumeration[140643498097376]: initialized
965 DEBUG libusbsio HID enumeration[140643498097376]: device #0: HP Basic USB Keyboard
966 DEBUG libusbsio HID enumeration[140643498097376]: device #1: HIDI2CBridge
966 DEBUG libusbsio HID enumeration[140643498097376]: device #2: Nitrokey 3
966 DEBUG libusbsio HID enumeration[140643498097376]: device #3: 2.4G Mouse
966 INFO libusbsio HID enumeration[140643498097376]: finished, total 4 devices
969 DEBUG fido2.hid.linux Failed opening device /dev/hidraw0
Traceback (most recent call last):
File "/usr/lib/python3.11/site-packages/fido2/hid/linux.py", line 98, in list_descriptors
devices.append(get_descriptor(hidraw))
^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/site-packages/fido2/hid/linux.py", line 55, in get_descriptor
with open(path, "rb") as f:
^^^^^^^^^^^^^^^^
PermissionError: [Errno 13] Permission denied: '/dev/hidraw0'
969 DEBUG fido2.hid.linux Failed opening device /dev/hidraw3
Traceback (most recent call last):
File "/usr/lib/python3.11/site-packages/fido2/hid/linux.py", line 98, in list_descriptors
devices.append(get_descriptor(hidraw))
^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/site-packages/fido2/hid/linux.py", line 55, in get_descriptor
with open(path, "rb") as f:
^^^^^^^^^^^^^^^^
PermissionError: [Errno 13] Permission denied: '/dev/hidraw3'
970 DEBUG fido2.hid.linux Failed opening device /dev/hidraw2
Traceback (most recent call last):
File "/usr/lib/python3.11/site-packages/fido2/hid/linux.py", line 98, in list_descriptors
devices.append(get_descriptor(hidraw))
^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/site-packages/fido2/hid/linux.py", line 55, in get_descriptor
with open(path, "rb") as f:
^^^^^^^^^^^^^^^^
PermissionError: [Errno 13] Permission denied: '/dev/hidraw2'
970 DEBUG fido2.hid.linux Failed opening device /dev/hidraw1
Traceback (most recent call last):
File "/usr/lib/python3.11/site-packages/fido2/hid/linux.py", line 98, in list_descriptors
devices.append(get_descriptor(hidraw))
^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/site-packages/fido2/hid/linux.py", line 55, in get_descriptor
with open(path, "rb") as f:
^^^^^^^^^^^^^^^^
PermissionError: [Errno 13] Permission denied: '/dev/hidraw1'
970 DEBUG root print: Critical error:
970 DEBUG root print: No Nitrokey 3 device found
970 DEBUG root listing all connected devices:
970 DEBUG root :: 'Nitrokey FIDO2' keys
970 DEBUG root :: 'Nitrokey Start' keys:
982 DEBUG root :: 'Nitrokey 3' keys
983 INFO libusbsio HID enumeration[140643498098192]: initialized
983 DEBUG libusbsio HID enumeration[140643498098192]: device #0: HP Basic USB Keyboard
983 DEBUG libusbsio HID enumeration[140643498098192]: device #1: HIDI2CBridge
983 DEBUG libusbsio HID enumeration[140643498098192]: device #2: Nitrokey 3
983 DEBUG libusbsio HID enumeration[140643498098192]: device #3: 2.4G Mouse
983 INFO libusbsio HID enumeration[140643498098192]: finished, total 4 devices
985 DEBUG root print: --------------------------------------------------------------------------------
985 DEBUG root print: Critical error occurred, exiting now
985 DEBUG root print: Unexpected? Is this a bug? Would you like to get support/help?
985 DEBUG root print: - You can report issues at: https://support.nitrokey.com/
985 DEBUG root print: - Writing an e-mail to support@nitrokey.com is also possible
985 DEBUG root print: - Please attach the log: '/tmp/nitropy.log.rvop7x92' with any support/help request!
985 DEBUG root print: - Please check if you have udev rules installed: https://docs.nitrokey.com/nitrokey3/linux/firmware-update.html#troubleshooting
That permission error is interesting :thinking: Are there some udev rules somewhere that can help with that? Not sure why this wasn't a problem before though.
Yes, this looks like a permissions issue. Please check this guide: https://docs.nitrokey.com/software/nitropy/linux/udev
Ah yes they're shipped by libnitrokey. I suppose that is the problem, I had that installed previously for my old Nitrokey Pro but since it broke down and I moved to the Nitrokey 3 I uninstalled that application.
Since these udev rules are necessary for the Nitrokey 3 but libnitrokey isn't, these rules should probably be shipped as part of this repository as well.
Shipping udev rules with a Python package is not really possible as far as I know, but package maintainers for distributions can of course include the rules in their package.
Also see this issue for discussions on how to handle this problem: https://github.com/Nitrokey/pynitrokey/issues/366 Feel free to add your suggestions there.
but package maintainers for distributions can of course include the rules in their package.
I am a package maintainer :wink: And I rather not source them from a different repo if it can be prevented as it requires keeping track of multiple versions in a single package.
That's why I'd prefer them in this repo, they'll be part of the same tagged releases as pynitrokey.
Yeah, including them in this repository makes sense to me. @szszszsz What do you think?
I’ve created https://github.com/Nitrokey/pynitrokey/issues/386 for including the udev rules.
I've recently used pynitrokey (0.4.36) to update the firmware of my nk3 (just
nitropy nk3 update
). At the time it seems to have updated successfully and pynitrokey reported the updated version withnitropy nk3 version
.However now a few weeks later the device isn't recognized any more.
nitropy list
doesn't list it and I can't use it to authenticate websites with FIDO any more either.dmesg
does show the device being recognized by the kernel:Is my device broken now? :thinking: