Yubico / ykneo-openpgp

OpenPGP applet for the YubiKey NEO
https://developers.yubico.com/ykneo-openpgp/
GNU General Public License v2.0

PIN auth issue. #11

Closed westonmyers closed 10 years ago

westonmyers commented 10 years ago

Copy from http://forum.yubico.com/viewtopic.php?f=26&t=1145

Hello,

I created a pgp keypair with my Yubikey as outlined. It seemed to work as far as I knew. Today came the time to actually test it. That said, it's not behaving at all. It seems that the PIN is not being accepted properly. Below is the excerpt of my terminal while working on this. (Encryption and Auth keys edited out as I felt this was unnecessary.)

Notable things: PIN retry counter at 0. I unblock it successfully and use a simple password (123456) for this example. (While not shown here, I can do a "verify" command here and the PIN retry counter will tick down to 2.) I exit out though to do what I was hoping. I have a file that a friend encrypted. It's not taking the password. Fun times.

Thanks for your time, Weston

Arch Linux (Fully updated.)
gpg (GnuPG) 2.0.21
libgcrypt 1.5.3

➜ Downloads gpg --card-edit
gpg: enabled debug flags: memstat

Application ID ...: D2760001240102000000000000010000
Version ..........: 2.0
Manufacturer .....: test card
Serial number ....: 00000001
Name of cardholder: Weston Myers
Language prefs ...: en
Sex ..............: male
URL of public key : http://sec.westonmyers.com/pgppubstore/weston+pgp@ieee.org
Login data .......: westonmyers
Signature PIN ....: not forced
Key attributes ...: 2048R 2048R 2048R
Max. PIN lengths .: 127 127 127
PIN retry counter : 0 3 3
Signature counter : 14
Signature key ....: A679 6687 3661 82F4 2A9B BE0E FAA5 D450 6A4B B09A
      created ....: 2013-08-16 08:01:24
Encryption key....: [REDACTED]
      created ....: 2013-08-16 08:01:24
Authentication key: [REDACTED]
      created ....: 2013-08-16 08:01:24
General key info..: pub 2048R/6A4BB09A 2013-08-16 Weston L Myers (No trees were killed to send this message; however, a large number of electrons were terribly inconvenienced...) <weston+pgp@ieee.org>
sec>  2048R/6A4BB09A  created: 2013-08-16  expires: 2014-08-16
                      card-no: 0000 00000001
ssb>  2048R/493D77FB  created: 2013-08-16  expires: 2014-08-16
                      card-no: 0000 00000001
ssb>  2048R/A42FF1AE  created: 2013-08-16  expires: 2014-08-16
                      card-no: 0000 00000001

gpg/card> unblock
gpg: OpenPGP card no. D2760001240102000000000000010000 detected
PIN changed.

gpg/card> list

Application ID ...: D2760001240102000000000000010000
Version ..........: 2.0
Manufacturer .....: test card
Serial number ....: 00000001
Name of cardholder: Weston Myers
Language prefs ...: en
Sex ..............: male
URL of public key : http://sec.westonmyers.com/pgppubstore/weston+pgp@ieee.org
Login data .......: westonmyers
Signature PIN ....: not forced
Key attributes ...: 2048R 2048R 2048R
Max. PIN lengths .: 127 127 127
PIN retry counter : 3 3 3
Signature counter : 14
Signature key ....: A679 6687 3661 82F4 2A9B BE0E FAA5 D450 6A4B B09A
      created ....: 2013-08-16 08:01:24
Encryption key....: [REDACTED]
      created ....: 2013-08-16 08:01:24
Authentication key: [REDACTED]
      created ....: 2013-08-16 08:01:24
General key info..: pub 2048R/6A4BB09A 2013-08-16 Weston L Myers (No trees were killed to send this message; however, a large number of electrons were terribly inconvenienced...) <weston+pgp@ieee.org>
sec>  2048R/6A4BB09A  created: 2013-08-16  expires: 2014-08-16
                      card-no: 0000 00000001
ssb>  2048R/493D77FB  created: 2013-08-16  expires: 2014-08-16
                      card-no: 0000 00000001
ssb>  2048R/A42FF1AE  created: 2013-08-16  expires: 2014-08-16
                      card-no: 0000 00000001

gpg/card> quit
random usage: poolsize=600 mixed=0 polls=0/0 added=0/0 outmix=0 getlvl1=0/0 getlvl2=0/0
secmem usage: 0/32768 bytes in 0 blocks

➜ Downloads gpg -v -o doc.txt --decrypt signed_6A4BB09A_encrypted.acs
gpg: enabled debug flags: memstat
gpg: armor header: Version: GnuPG v1.4.12 (Darwin)
gpg: public key is A42FF1AE
gpg: using subkey A42FF1AE instead of primary key 6A4BB09A
gpg: using subkey A42FF1AE instead of primary key 6A4BB09A
gpg: encrypted with 2048-bit RSA key, ID A42FF1AE, created 2013-08-16
      "Weston L Myers (No trees were killed to send this message; however, a large number of electrons were terribly inconvenienced...) <weston+pgp@ieee.org>"
gpg: public key decryption failed: Card error
gpg: decryption failed: No secret key
random usage: poolsize=600 mixed=0 polls=0/0 added=0/0 outmix=0 getlvl1=0/0 getlvl2=0/0
secmem usage: 0/32768 bytes in 0 blocks
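An added check, not part of this thread or of the ykneo-openpgp project: it parses the `Label ...: value` lines that `gpg --card-status` / `gpg --card-edit` print and flags a PIN whose retry counter has dropped to 0, which is the state Weston's first listing shows before `unblock`. The sample input is constructed from the field lines in that listing; the counter order (user PIN, reset code, admin PIN) is the one gpg uses.

```python
import re
from typing import Dict, List

# Constructed sample: the field lines from the first listing in the report,
# taken before the "unblock" command reset the counters.
SAMPLE_CARD_STATUS = """\
Application ID ...: D2760001240102000000000000010000
Version ..........: 2.0
Manufacturer .....: test card
Serial number ....: 00000001
Signature PIN ....: not forced
Max. PIN lengths .: 127 127 127
PIN retry counter : 0 3 3
Signature counter : 14
"""

# "Label ......: value"; gpg pads the label with dots up to the colon.
FIELD_RE = re.compile(r"^(?P<name>[A-Za-z][A-Za-z .]*?)\s*\.*\s*:\s*(?P<value>.*)$")

# gpg prints the three OpenPGP card retry counters in this order.
COUNTER_LABELS = ["user PIN (PW1)", "reset code", "admin PIN (PW3)"]


def parse_card_status(text: str) -> Dict[str, str]:
    """Turn the top-level field lines into a dict; indented continuation
    lines ("created ....:") and the sec>/ssb> key listing are skipped."""
    fields: Dict[str, str] = {}
    for line in text.splitlines():
        if not line or line[0].isspace() or line.startswith(("sec", "ssb")):
            continue
        m = FIELD_RE.match(line)
        if m:
            fields[m.group("name").strip(" .")] = m.group("value").strip()
    return fields


def pin_retry_counters(fields: Dict[str, str]) -> List[int]:
    """Retry counters as [PW1, reset code, PW3] integers."""
    return [int(n) for n in fields["PIN retry counter"].split()]


def check_card(text: str) -> List[str]:
    """Findings about PIN state; an empty list means every counter is still at 3."""
    findings = []
    for label, left in zip(COUNTER_LABELS, pin_retry_counters(parse_card_status(text))):
        if left == 0:
            findings.append(f"{label} is blocked: retry counter is 0")
        elif left < 3:
            findings.append(f"{label} has {left} of 3 retries left")
    return findings
```

Run it against your own `gpg --card-status` output to see whether a blocked PW1 (rather than the applet bug klali points to below) explains a "Card error" on decryption.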

klali commented 10 years ago

Hello,

This looks very much like an old bug we had (fixed in https://github.com/Yubico/ykneo-openpgp/commit/ae946ad142efa730e2372b00572e9a473319de12) do you think you could try to reload the applet and report back?

A pre-built cap file can be found at http://opensource.yubico.com/ykneo-openpgp/releases.html and arch linux seems to package gpshell that is needed to load it.

/klas

westonmyers commented 10 years ago

Klas,

Thanks for getting back to me so quickly. I was mostly contacting you guys in case this was not a known issue. I'll go ahead and load a new applet onto the NEO from source. Doesn't take long. Having an issue with gpshell at the moment though. Still playing with it.

mode_211
enable_trace
establish_context
card_connect
list_readers failed with error 0x8010002E (Cannot find a smart card reader.)

Edit: Figured it out and updated my Yubikey. Counter is holding correctly on a "verify" command within "gpg --card-edit". I'll create a new pgp key and test how things go.

Edit 2: All looks good. Thanks for your time again Klas!

Take care, Weston

klali commented 10 years ago

Very good! (and great that you reported back)

/klas

cpu commented 10 years ago

@westonmyers : I'm having the same issue with gpshell ( list_readers failed with error 0x8010002E (Cannot find a smart card reader.) on ArchLinux. Could you mention what you did to resolve this error? I've not had any luck so far :-/

westonmyers commented 10 years ago

I am currently trying to retrace what I did so that I can remember. I didn't post my steps here at the time as it was environmental. May have been that the pcscd.service wasn't active at the time of trying to use opensc (via the gpshell script). Run:

systemctl enable pcscd.socket

systemctl start pcscd.socket

systemctl enable pcscd.service

systemctl start pcscd.service

(Maybe only enable socket since it should spin up service?)

Then see how it goes.

Cheers, Weston

Flink commented 10 years ago

@binaryparadox @westonmyers I just received my yubikey today and I’m having the exact same problem :( Did you resolve this? And how please?

Flink commented 10 years ago

It seems after installing the ccid package (I’m on Arch too), gpshell works and the cap file is transferred to the yubikey. Still no luck with gpg --card-status though… :(

Flink commented 10 years ago

Ok sorry for my previous comment, since my yubikey is brand new, I had to use gpg --card-edit and it seems to work :)