[Yubikey 5 NFC] Error accessing FIDO application

chrysle commented 2 months ago

YubiKey Manager (ykman) version: 5.5.1
How was it installed?: via pip
Operating system and version: ChromeOS, Debian 11 (bullseye) container
YubiKey model and version: Yubikey 5 NFC
Bug description summary: Access to FIDO application not possible

I connected my Yubikey to my chromebook, explicitly allowing for USB device passthrough, as required. Then I attempted to get a list of the SSH keys I have stored on the device. This has always worked on my native Debian system, beforehand. I ended up with the following error:

$ ykman --log-level DEBUG fido credentials list
INFO 19:05:13.977 [ykman.logging.set_log_level:60] Logging at level: DEBUG
WARNING 19:05:13.977 [ykman.logging.set_log_level:64] 
#############################################################################
#                                                                           #
# WARNING: Sensitive data may be logged!                                    #
# Some personally identifying information may be logged, such as usernames! #
#                                                                           #
#############################################################################
INFO 19:05:13.977 [ykman._cli.__main__.cli:355] System info:
  ykman:            5.5.1
  Python:           3.9.2 (default, Feb 28 2021, 17:03:44) 
[GCC 10.2.1 20210110]
  Platform:         linux
  Arch:             x86_64
  System date:      2024-07-22
  Running as admin: False

ERROR 19:05:14.137 [ykman._cli.__main__.main:635] Failed to connect to YubiKey.
Traceback (most recent call last):
  File "/home/user/.local/lib/python3.9/site-packages/ykman/_cli/__main__.py", line 619, in main
    cli(obj={})
  File "/home/user/.local/lib/python3.9/site-packages/click/core.py", line 1157, in __call__
    return self.main(*args, **kwargs)
  File "/home/user/.local/lib/python3.9/site-packages/click/core.py", line 1078, in main
    rv = self.invoke(ctx)
  File "/home/user/.local/lib/python3.9/site-packages/click/core.py", line 1688, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/home/user/.local/lib/python3.9/site-packages/click/core.py", line 1688, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/home/user/.local/lib/python3.9/site-packages/click/core.py", line 1688, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/home/user/.local/lib/python3.9/site-packages/click/core.py", line 1434, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/home/user/.local/lib/python3.9/site-packages/click/core.py", line 783, in invoke
    return __callback(*args, **kwargs)
  File "/home/user/.local/lib/python3.9/site-packages/click/decorators.py", line 33, in new_func
    return f(get_current_context(), *args, **kwargs)
  File "/home/user/.local/lib/python3.9/site-packages/ykman/_cli/fido.py", line 663, in creds_list
    credman = _init_credman(ctx, pin)
  File "/home/user/.local/lib/python3.9/site-packages/ykman/_cli/fido.py", line 633, in _init_credman
    pin = _require_pin(ctx, pin, "Credential Management")
  File "/home/user/.local/lib/python3.9/site-packages/ykman/_cli/fido.py", line 437, in _require_pin
    ctap2 = ctx.obj.get("ctap2")
  File "/usr/lib/python3.9/_collections_abc.py", line 762, in get
    return self[key]
  File "/home/user/.local/lib/python3.9/site-packages/ykman/_cli/util.py", line 219, in __getitem__
    self.resolve()
  File "/home/user/.local/lib/python3.9/site-packages/ykman/_cli/util.py", line 216, in resolve
    self._objects[k] = f()
  File "/home/user/.local/lib/python3.9/site-packages/ykman/_cli/__main__.py", line 395, in <lambda>
    ctx.obj.add_resolver("device", lambda: resolve()[0])
  File "/home/user/.local/lib/python3.9/site-packages/ykman/_cli/__main__.py", line 391, in resolve
    items = require_device(connections, device)
  File "/home/user/.local/lib/python3.9/site-packages/ykman/_cli/__main__.py", line 194, in require_device
    raise CliFail("Failed to connect to YubiKey.")
ykman._cli.util.CliFail: Failed to connect to YubiKey.

I tried basically every other ykman command, also verified that the OpenPGP smartcard was detected and, all worked without issues.

dainnilsson commented 2 months ago

I believe this is a duplicate of #464.

chrysle commented 2 months ago

Thanks for the hint, I should have searched more thoroughly.

Yubico / yubikey-manager

[Yubikey 5 NFC] Error accessing FIDO application #623