Open aalmenar opened 1 year ago
fdennis
commented
1 year ago I have tested version 1.2.5 on a M1 macOS Ventura 13.2.1 and cannot reproduce this issue. I would suggest that you contact support, they will most likely be able to provide the best help for you. You can submit a ticket at yubi.co/support.
dainnilsson
commented
1 year ago I'd also suggest that if you want to run the CLI ykman tool, that you install it using our installer here https://developers.yubico.com/yubikey-manager/Releases/ or via Homebrew, rather than using the embedded executable in the YubiKey Manager GUI app.
benzoo
commented
1 year ago I have the same issue, please look at debug log and screenshot of GUI error:
$ sudo "/Applications/YubiKey Manager.app/Contents/MacOS/ykman-gui" --log-level DEBUG &> ~/Desktop/ykman-gui.txt
$ less ~/Desktop/ykman-gui.txt
INFO 15:21:24.558 [ykman.logging.set_log_level:60] Logging at level: DEBUG
WARNING 15:21:24.558 [ykman.logging.set_log_level:64]
#############################################################################
# #
# WARNING: Sensitive data may be logged! #
# Some personally identifying information may be logged, such as usernames! #
# #
#############################################################################
DEBUG 15:21:24.558 [ykman.logging_setup.log_sys_info:44] ykman: 5.0.1
DEBUG 15:21:24.558 [ykman.logging_setup.log_sys_info:45] Python: 3.11.1 (main, Feb 2 2023, 14:26:00) [Clang 14.0.0 (clang-1400.0.29.202)]
DEBUG 15:21:24.558 [ykman.logging_setup.log_sys_info:46] Platform: darwin
DEBUG 15:21:24.558 [ykman.logging_setup.log_sys_info:47] Arch: x86_64
DEBUG 15:21:24.558 [ykman.logging_setup.log_sys_info:53] Running as admin: True
DEBUG 15:21:24.558 [ykman.logging_setup.log_sys_info:54] System date: 2023-04-22
DEBUG 15:21:24.573 [ykman.device.add:162] Add device for <class 'yubikit.core.otp.OtpConnection'>: OtpYubiKeyDevice(pid=0407, fingerprint='<removed>')
WARNING 15:21:24.580 [ykman.device.add:176] Failed opening device
Traceback (most recent call last):
File "/Applications/YubiKey Manager.app/Contents/Frameworks/Python.framework/Versions/3.11/lib/python3.11/site-packages/ykman/device.py", line 168, in add
with dev.open_connection(conn_type) as conn:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Applications/YubiKey Manager.app/Contents/Frameworks/Python.framework/Versions/3.11/lib/python3.11/site-packages/ykman/hid/base.py", line 50, in open_connection
return self._connection_cls(self.path)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Applications/YubiKey Manager.app/Contents/Frameworks/Python.framework/Versions/3.11/lib/python3.11/site-packages/ykman/hid/macos.py", line 186, in __init__
raise OSError(f"Failed to open device for communication: {result}")
OSError: Failed to open device for communication: -536870174
DEBUG 15:21:24.582 [ykman.device.add:162] Add device for <class 'fido2.ctap.CtapDevice'>: CtapYubiKeyDevice(pid=0407, fingerprint='4294972847')
DEBUG 15:21:24.586 [yubikit.support.read_info:261] Attempting to read device info, using CtapHidDevice
DEBUG 15:21:24.586 [yubikit.management.__init__:443] Management session initialized for connection=CtapHidDevice, version=4.3.7
DEBUG 15:21:24.588 [yubikit.support.read_info:289] Read info: DeviceInfo(config=DeviceConfig(enabled_capabilities={}, auto_eject_timeout=0, challenge_response_timeout=0, device_flags=<DEVICE_FLAG: 0>), serial=<removed>, version=Version(major=4, minor=3, patch=7), form_factor=<FORM_FACTOR.UNKNOWN: 0>, supported_capabilities={<TRANSPORT.USB: 'usb'>: <CAPABILITY.OTP|U2F|OATH|PIV|OPENPGP|196: 255>}, is_locked=False, is_fips=False, is_sk>
DEBUG 15:21:24.589 [yubikit.support.read_info:348] Device info, after tweaks: DeviceInfo(config=DeviceConfig(enabled_capabilities={<TRANSPORT.USB: 'usb'>: <CAPABILITY.OTP|U2F|OATH|PIV|OPENPGP|196: 255>}, auto_eject_timeout=0, challenge_response_timeout=0, device_flags=<DEVICE_FLAG: 0>), serial=<removed>, version=Version(major=4, minor=3, patch=7), form_factor=<FORM_FACTOR.UNKNOWN: 0>, supported_capabilities={<TRANSPORT.USB: 'usb'>: >
DEBUG 15:21:24.589 [ykman.device.add:173] Resolved device <removed>
DEBUG 15:21:27.590 [yubikey._open_device:135] Failed connecting to the YubiKey over <class 'yubikit.core.smartcard.SmartCardConnection'>
Traceback (most recent call last):
File "qrc:///py/yubikey.py", line 133, in _open_device
return self._dev.open_connection(conn_type)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Applications/YubiKey Manager.app/Contents/Frameworks/Python.framework/Versions/3.11/lib/python3.11/site-packages/ykman/device.py", line 254, in open_connection
raise ValueError("Unsupported Connection type")
ValueError: Unsupported Connection type
ERROR 15:21:27.591 [yubikey.wrapped:88] Failed to open device
Traceback (most recent call last):
File "qrc:///py/yubikey.py", line 78, in wrapped
return f(*args, **kwargs)
^^^^^^^^^^^^^^^^^^
File "qrc:///py/yubikey.py", line 300, in refresh_piv
with self._open_device([SmartCardConnection]) as conn:
TypeError: 'NoneType' object does not support the context manager protocol
Tried this with 4 macs, 2 intel and 2 apple silicon. On intel versions you can access piv application, on apple silicon one i always get unable to connect
Steps to reproduce:
As described before.
Expected result
Being able to manage piv certificates
Actual results and logs
DEBUG 19:59:44.441 [ykman.logging_setup.log_sys_info:44] ykman: 5.0.1 DEBUG 19:59:44.441 [ykman.logging_setup.log_sys_info:45] Python: 3.11.1 (main, Feb 2 2023, 14:26:00) [Clang 14.0.0 (clang-1400.0.29.202)] DEBUG 19:59:44.441 [ykman.logging_setup.log_sys_info:46] Platform: darwin DEBUG 19:59:44.441 [ykman.logging_setup.log_sys_info:47] Arch: x86_64 DEBUG 19:59:44.442 [ykman.logging_setup.log_sys_info:53] Running as admin: False DEBUG 19:59:44.442 [ykman.logging_setup.log_sys_info:54] System date: 2023-03-28 DEBUG 19:59:44.457 [ykman.device.add:162] Add device for <class 'yubikit.core.otp.OtpConnection'>: OtpYubiKeyDevice(pid=0407, fingerprint='4295243352') DEBUG 19:59:44.501 [yubikit.support.read_info:261] Attempting to read device info, using MacHidOtpConnection DEBUG 19:59:44.502 [yubikit.management.init:443] Management session initialized for connection=MacHidOtpConnection, version=5.4.3 DEBUG 19:59:44.535 [yubikit.support.read_info:289] Read info: DeviceInfo(config=DeviceConfig(enabled_capabilities={<TRANSPORT.USB: 'usb'>: <CAPABILITY.OTP|U2F|FIDO2|OATH|PIV|OPENPGP: 571>, <TRANSPORT.NFC: 'nfc'>: <CAPABILITY.OTP|U2F|FIDO2|OATH|PIV|OPENPGP: 571>}, auto_eject_timeout=0, challenge_response_timeout=15, device_flags=<DEVICE_FLAG: 0>), serial=23509739, version=Version(major=5, minor=4, patch=3), form_factor=<FORM_FACTOR.USB_C_KEYCHAIN: 3>, supported_capabilities={<TRANSPORT.USB: 'usb'>: <CAPABILITY.OTP|U2F|FIDO2|OATH|PIV|OPENPGP|HSMAUTH|4: 831>, <TRANSPORT.NFC: 'nfc'>: <CAPABILITY.OTP|U2F|FIDO2|OATH|PIV|OPENPGP|HSMAUTH|4: 831>}, is_locked=False, is_fips=False, is_sky=False) DEBUG 19:59:44.536 [yubikit.support.read_info:348] Device info, after tweaks: DeviceInfo(config=DeviceConfig(enabled_capabilities={<TRANSPORT.USB: 'usb'>: <CAPABILITY.OTP|U2F|FIDO2|OATH|PIV|OPENPGP: 571>, <TRANSPORT.NFC: 'nfc'>: <CAPABILITY.OTP|U2F|FIDO2|OATH|PIV|OPENPGP: 571>}, auto_eject_timeout=0, challenge_response_timeout=15, device_flags=<DEVICE_FLAG: 0>), serial=23509739, version=Version(major=5, minor=4, patch=3), form_factor=<FORM_FACTOR.USB_C_KEYCHAIN: 3>, supported_capabilities={<TRANSPORT.USB: 'usb'>: <CAPABILITY.OTP|U2F|FIDO2|OATH|PIV|OPENPGP|HSMAUTH|4: 831>, <TRANSPORT.NFC: 'nfc'>: <CAPABILITY.OTP|U2F|FIDO2|OATH|PIV|OPENPGP|HSMAUTH|4: 831>}, is_locked=False, is_fips=False, is_sky=False) DEBUG 19:59:44.536 [ykman.device.add:173] Resolved device 23509739 DEBUG 19:59:44.537 [ykman.device.add:162] Add device for <class 'fido2.ctap.CtapDevice'>: CtapYubiKeyDevice(pid=0407, fingerprint='4295243356') DEBUG 19:59:47.201 [yubikey._open_device:135] Failed connecting to the YubiKey over <class 'yubikit.core.smartcard.SmartCardConnection'> Traceback (most recent call last): File "qrc:///py/yubikey.py", line 133, in _open_device return self._dev.open_connection(conn_type) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/Applications/YubiKey Manager.app/Contents/Frameworks/Python.framework/Versions/3.11/lib/python3.11/site-packages/ykman/device.py", line 254, in open_connection raise ValueError("Unsupported Connection type") ValueError: Unsupported Connection type ERROR 19:59:47.202 [yubikey.wrapped:88] Failed to open device Traceback (most recent call last): File "qrc:///py/yubikey.py", line 78, in wrapped return f(*args, **kwargs) ^^^^^^^^^^^^^^^^^^ File "qrc:///py/yubikey.py", line 300, in refresh_piv with self._open_device([SmartCardConnection]) as conn: TypeError: 'NoneType' object does not support the context manager protocol