Closed warioishere closed 3 months ago
The repository for YubiKey Manager GUI is https://github.com/Yubico/yubikey-manager-qt, however, it seems your problem isn't really tied to that, since you're having problems with Yubico Authenticator as well. Can you try running ykman --diagnose
with the YubiKey attached, and providing the output of that here?
Hello I can also confirm this issue. After clean install of Ubuntu 24.04 ykman cli works, but yubikey-manager-qt (apt-get installed) does not detect anything (I have two NFC5 yubikeys) . (previous installations on same device worked 20.04-23.10). Also yubikey-luks-enroll does not actually work - it creates new key-slot (seen in luksDump) but when i try using that slots key, I get no key found. (That bothers me more)
ykman --diagnose ykman: 5.2.1 Python: 3.12.3 (main, Apr 10 2024, 05:33:47) [GCC 13.2.0] Platform: linux Arch: x86_64 System date: 2024-06-18 Running as admin: False Detected PC/SC readers: Yubico YubiKey OTP+FIDO+CCID 00 00: Success
Detected YubiKeys over PC/SC:
ScardYubiKeyDevice(pid=0407, fingerprint='Yubico YubiKey OTP+FIDO+CCID 00 00'):
Management:
Raw Info:
enabled_capabilities:
USB: OTP|U2F|FIDO2|OATH|PIV|OPENPGP: 0x23f
NFC: OTP|U2F|FIDO2|OATH|PIV|OPENPGP: 0x23b
auto_eject_timeout: 0
challenge_response_timeout: 15
device_flags: 0
serial: <sanitized_output>
version: 5.2.7
form_factor: Keychain (USB-C)
supported_capabilities:
USB: OTP|U2F|FIDO2|OATH|PIV|OPENPGP: 0x23f
NFC: OTP|U2F|FIDO2|OATH|PIV|OPENPGP: 0x23f
is_locked: False
is_fips: False
is_sky: False
Name: YubiKey 5C NFC
PIV:
PIV version: 5.2.7
PIN tries remaining: 3
Management key algorithm: TDES
CHUID: <sanitized_output>
CCC: No data available
Slot 9A (AUTHENTICATION):
Algorithm: ECCP256
Subject DN: CN=<sanitized_output>
Issuer DN: CN=<sanitized_output>
Serial: <sanitized_output>
Fingerprint: <sanitized_output>
Not before: <sanitized_output>
Not after: <sanitized_output>
Slot 9E (CARD_AUTH):
Algorithm: ECCP256
Subject DN: CN=<sanitized_output>
Issuer DN: CN=<sanitized_output>
Serial: <sanitized_output>
Fingerprint: <sanitized_output>
Not before: <sanitized_output>
Not after: <sanitized_output>
OATH:
Oath version: 5.2.7
Password protected: False
OpenPGP:
OpenPGP version: 3.4
Application version: 5.2.7
PIN tries remaining: 3
Reset code tries remaining: 0
Admin PIN tries remaining: 3
Require PIN for signature: Once
Touch policies:
Signature key: Off
Encryption key: Off
Authentication key: Off
Attestation key: Off
YubiHSM Auth: YubiHSM Auth not accessible ApplicationNotAvailableError()
Detected YubiKeys over HID OTP:
OtpYubiKeyDevice(pid=0407, fingerprint='/dev/hidraw4'):
Management:
Raw Info:
enabled_capabilities:
USB: OTP|U2F|FIDO2|OATH|PIV|OPENPGP: 0x23f
NFC: OTP|U2F|FIDO2|OATH|PIV|OPENPGP: 0x23b
auto_eject_timeout: 0
challenge_response_timeout: 15
device_flags: 0
serial: <sanitized_output>
version: 5.2.7
form_factor: Keychain (USB-C)
supported_capabilities:
USB: OTP|U2F|FIDO2|OATH|PIV|OPENPGP: 0x23f
NFC: OTP|U2F|FIDO2|OATH|PIV|OPENPGP: 0x23f
is_locked: False
is_fips: False
is_sky: False
Name: YubiKey 5C NFC
OTP:
ConfigState(configured: (True, True), touch_triggered: (True, False), led_inverted: False)
Detected YubiKeys over HID FIDO:
CtapYubiKeyDevice(pid=0407, fingerprint='/dev/hidraw5'):
CTAP device version: 5.2.7
CTAPHID protocol version: 2
Capabilities: 5
Management:
Raw Info:
enabled_capabilities:
USB: OTP|U2F|FIDO2|OATH|PIV|OPENPGP: 0x23f
NFC: OTP|U2F|FIDO2|OATH|PIV|OPENPGP: 0x23b
auto_eject_timeout: 0
challenge_response_timeout: 15
device_flags: 0
serial: <sanitized_output>
version: 5.2.7
form_factor: Keychain (USB-C)
supported_capabilities:
USB: OTP|U2F|FIDO2|OATH|PIV|OPENPGP: 0x23f
NFC: OTP|U2F|FIDO2|OATH|PIV|OPENPGP: 0x23f
is_locked: False
is_fips: False
is_sky: False
Name: YubiKey 5C NFC
Ctap2Info:
versions:
U2F_V2
FIDO_2_0
FIDO_2_1_PRE
extensions:
credProtect
hmac-secret
aaguid: <sanitized_output>
options:
rk: True
up: True
plat: False
clientPin: False
credentialMgmtPreview: True
max_msg_size: 1200
pin_uv_protocols:
1
max_creds_in_list: 8
max_cred_id_length: 128
transports:
nfc
usb
algorithms:
alg: -7
type: public-key
alg: -8
type: public-key
max_large_blob: None
force_pin_change: False
min_pin_length: 4
firmware_version: None
max_cred_blob_length: None
max_rpids_for_min_pin: 0
preferred_platform_uv_attempts: None
uv_modality: None
certifications: None
remaining_disc_creds: None
vendor_prototype_config_commands: None
PIN: Not configured
End of diagnostics
@random578036896547 The diagnose output seems to indicate everything working fine with ykman, just as you said. That should also indicate that system services like pcscd as well as permissions for your user are correctly configured to use the YubiKey.
I do not believe that YubiKey Manager GUI is expected to work on currently 24.04 due to one of its dependencies (pyotherside) not being compatible with Python 3.12. I would strongly recommend using Yubico Authenticator (https://github.com/Yubico/yubioath-flutter) instead.
I can't help you with yubikey-luks-enroll as that isn't a Yubico product.
Ok, thanks for advice, I tried Yubico Authenticator and I can confirm that its working. Regarding yubico-luks I opend issue #95 at their github https://github.com/cornelinux/yubikey-luks/issues/95 thx for help.
Great! I will close this issue since there is nothing to be done for this project.
YubiKey-Manager doesnt detect my Yubikey 5NFC after I upgraded from Ubuntu 22.04 to 24.04 ykman list sees my yubikey though and I can use it for FIDO authentication
Steps to reproduce
Reinstall Manager, didnt help, yubikey-manager doesnt detect Yubikey, Also Yubikey Authenticator
Expected result
That it works again, but it didnt.
Actual results and logs
Other info
As stated, yubikey authenticator also doesnt detect my yubikey anymore and is also unusable.
Greetings