Closed FlorinAndrei closed 9 years ago
What mode is the Neo in when you try to read the serial?
For the 3.2 firmware if it's in composite otp+ccid and the ccid part is in use (or what's called acquired) serial reading will fail.
We need both OTP and CCID, so both are enabled. But CCID isn't actively used - I'm not authenticating ssh at that time, or anything like that.
so if you're using it with gnupg if scdaemon is running it holds on to the card, making it only switch to OTP by pressing the button and emitting an OTP.
I do have gnupg enabled to use the smartcard on the NEO. gpg-agent is running all the time, but scdaemon is only running occasionally, as far as I can tell - only when gpg-daemon actually needs the card.
However, I've noticed something else:
$ ps -ef | grep -i scd
0 1714 15 0 12:53PM ?? 0:00.21 /usr/sbin/pcscd -f
After killing it, ykinfo -a started running again.
I've done a bit of googling, and disabling pcscd doesn't seem to be trivial. It looks like it's launched automatically when a smartcard is detected.
Yes. this is in line with expectations, the CCID being active locks down the OTP interface to API requests of Neos before 3.3. OTP with button should still work though.
Closing this since it's a Neo limitation, not a software error.
OS X 10.9.5 MacBook Air ykpers 1.16.0 YubiKey NEO firmware 3.2
Options -s, -m, -H, -a (anything that involves get serial) fails like this:
Other commands work okay.