search

Yubico / yubikey-personalization

YubiKey Personalization cross-platform library and tool
https://developers.yubico.com/yubikey-personalization/
BSD 2-Clause "Simplified" License
300 stars 82 forks source link

Yubikey core error: no yubikey present (OSX El Capitan) #71

Closed noose closed 8 years ago

noose commented 8 years ago

Hi, I just got my Yubikey 4 nano, it's works great with dropbox/ google etc. I configured it as smart-card (for open gpg), and tried to enable OTP, but I can't do that. I grabbed ykpers-1.17.2-mac and tried to run:

% ./ykinfo -a
Yubikey core error: no yubikey present
% sudo ./ykinfo -a
Password:
Yubikey core error: no yubikey present

but Yubikey is working as charm in every other software (PIV, Authenticator, and from console with gpg --card-status) What can I do with that? I should install something more? Maybe there are some drivers?

When I plug in my key I have something like that in my logs:

11/20/15 8:45:11.000 PM kernel[0]: considerRebuildOfPrelinkedKernel prebuild rebuild has expired
11/20/15 8:45:11.000 PM kernel[0]: com_driver_GxxxDriver::probe fails
11/20/15 8:45:11.000 PM kernel[0]: com_driver_GxxxDriver::probe fails
11/20/15 8:45:12.394 PM com.apple.SecurityServer[83]: Token reader Yubico Yubikey 4 U2F+CCID inserted into system
11/20/15 8:45:12.394 PM com.apple.SecurityServer[83]: reader Yubico Yubikey 4 U2F+CCID: state changed 0 -> 34
11/20/15 8:45:12.394 PM com.apple.SecurityServer[83]: token in reader Yubico Yubikey 4 U2F+CCID cannot be used (error 229)
SueHeim commented 8 years ago

Hi Noose. Is this a YubiKey 4 Nano that you received at DockerCon? If so, this was a specially programmed YubiKey, programmed for U2F+CCID only. You can add Yubico One-Time Password (OTP) functionality to the YubiKey using the YubiKey NEO Manager, available on our Downloads page (https://www.yubico.com/support/downloads). Install the application, insert the YubiKey, click the button to Change Connection Mode, and select the checkbox for OTP (if the option is not already selected). Hope that helps!

noose commented 8 years ago

Yes, that key from DockerCon. Thanks. I'll try that one. I'm curious - why they're programmed as U2F+CCID?

SueHeim commented 8 years ago

That was the requirement for the Docker free give-aways, I wasn't involved in the decision but I believe it might be because OTP isn't needed for Docker. For Docker, in order for it to work with TUF and notary, you just needed CCID. Plus U2F for GitHub, so the YubiKey was likely enabled with just those functions.

If you were to purchase a YubiKey 4 (or YubiKey 4 Nano), you would get a YubiKey 4 (or YubiKey 4 Nano) that is enabled for all three functions OTP+U2F+CCID. Hope that makes more sense!

noose commented 8 years ago

Thanks for the reply :-)

kasicka commented 6 years ago

Any ideas how to fix this now that Yubikey Neo Manager has been deprecated (for some time)?