Closed brianjcohen closed 3 years ago
Okay, I found the solution to my own problem. By running ykman-gui --log-level DEBUG, I could see python stack traces related to the application being unable to connect to pcscd.
I started the service:
sudo systemctl start pcscd
And now I was able to reset FIDO.
Yes, pcscd needs to be running. Glad you solved it!
I am finding I am unable to reset the FIDO2 application on my Yubikey 5 NFC (firmware 5.4.3).
Steps to reproduce:
Expected:
FIDO application should be reset.
Actual:
Error "not allowed" appears in the application window. FIDO application is not reset.
I can see in the source the error is coming from here: https://github.com/Yubico/yubikey-manager-qt/blob/e5468fe1b5863028b7a8387ebcad92b868e38b70/ykman-gui/py/yubikey.py#L453
According to the FIDO CTAP documentation, this NOT_ALLOWED error would be thrown if the request comes "after 10 seconds of powering up" (unsure what that means):
https://fidoalliance.org/specs/fido-v2.1-ps-20210615/fido-client-to-authenticator-protocol-v2.1-ps-20210615.html#authenticatorReset
Any help would be greatly appreciated.