YubiKey keeps disappearing and reappearing

[jvo203]

• Yubico Authenticator version: 5.0.2
• Operating system and version: the most up-to-date rolling release of openSUSE Tumbleweed
• YubiKey model and version: 5 NFC USB-A Firmware: 5.2.4 Serial: 12036004
• Bug description summary: as per the closed issue #505, the same happens in my case and it cannot be solved by installing ccid. The pcsc-ccid library is already installed (output of "sudo zypper search ccid": i | pcsc-ccid | PCSC Driver for CCID Based Smart Card Readers and GemPC Twin Serial Reader | パッケージ).

Both the yubioath-desktop installed from the openSUSE repository as well as the one downloaded from the Yubico website suffer from the same problem (they are the same versions anyway).

Steps to reproduce

yubioath-desktop --log-level DEBUG Got library name: "/usr/lib64/qt5/qml/io/thp/pyotherside/libpyothersideplugin.so" 2020-03-16T11:27:34+0900 INFO [ykman.logging_setup.setup:58] Initialized logging for ykman version: 3.1.1 2020-03-16T11:27:40+0900 DEBUG [ykman.driver_otp.open_devices:224] Success in opening key at position 0 2020-03-16T11:27:40+0900 DEBUG [ykman.device.init:198] Read config from device... 2020-03-16T11:27:40+0900 DEBUG [ykman.device.init:200] Success! 2020-03-16T11:27:40+0900 DEBUG [ykman.device.init:289] Identified YubiKey 5 2020-03-16T11:27:40+0900 DEBUG [ykman.driver_otp.open_devices:222] Failed to open key at position 1 2020-03-16T11:27:40+0900 DEBUG [ykman.driver_otp.del:208] Destroy <ykman.driver_otp.OTPDriver object at 0x7f1a840d7fd0> 2020-03-16T11:27:40+0900 DEBUG [ykman.driver_otp.close:203] Close <ykman.driver_otp.OTPDriver object at 0x7f1a840d7fd0> 2020-03-16T11:27:40+0900 DEBUG [ykman.descriptor._open_driver:175] Opening driver for transports: TRANSPORT.CCID, serial: 12036004, key_type: None, mode: None 2020-03-16T11:27:40+0900 DEBUG [ykman.descriptor._open_driver:179] Attempt 1 of 10 2020-03-16T11:27:40+0900 DEBUG [ykman.descriptor._open_driver:202] Sleeping for 0.100000 s 2020-03-16T11:27:41+0900 DEBUG [ykman.descriptor._open_driver:204] No driver found for serial: 12036004, key_type: None, mode: None 2020-03-16T11:27:41+0900 DEBUG [ykman.descriptor._open_driver:179] Attempt 2 of 10 2020-03-16T11:27:41+0900 DEBUG [ykman.descriptor._open_driver:202] Sleeping for 0.200000 s 2020-03-16T11:27:41+0900 DEBUG [ykman.descriptor._open_driver:204] No driver found for serial: 12036004, key_type: None, mode: None 2020-03-16T11:27:41+0900 DEBUG [ykman.descriptor._open_driver:179] Attempt 3 of 10 2020-03-16T11:27:41+0900 DEBUG [ykman.descriptor._open_driver:202] Sleeping for 0.300000 s 2020-03-16T11:27:41+0900 DEBUG [ykman.descriptor._open_driver:204] No driver found for serial: 12036004, key_type: None, mode: None 2020-03-16T11:27:41+0900 DEBUG [ykman.descriptor._open_driver:179] Attempt 4 of 10 2020-03-16T11:27:41+0900 DEBUG [ykman.descriptor._open_driver:202] Sleeping for 0.400000 s 2020-03-16T11:27:41+0900 DEBUG [ykman.descriptor._open_driver:204] No driver found for serial: 12036004, key_type: None, mode: None 2020-03-16T11:27:41+0900 DEBUG [ykman.descriptor._open_driver:179] Attempt 5 of 10 2020-03-16T11:27:41+0900 DEBUG [ykman.descriptor._open_driver:202] Sleeping for 0.500000 s 2020-03-16T11:27:42+0900 DEBUG [ykman.descriptor._open_driver:204] No driver found for serial: 12036004, key_type: None, mode: None 2020-03-16T11:27:42+0900 DEBUG [ykman.descriptor._open_driver:179] Attempt 6 of 10 2020-03-16T11:27:42+0900 DEBUG [ykman.descriptor._open_driver:202] Sleeping for 0.600000 s 2020-03-16T11:27:43+0900 DEBUG [ykman.descriptor._open_driver:204] No driver found for serial: 12036004, key_type: None, mode: None 2020-03-16T11:27:43+0900 DEBUG [ykman.descriptor._open_driver:179] Attempt 7 of 10 2020-03-16T11:27:43+0900 DEBUG [ykman.descriptor._open_driver:202] Sleeping for 0.700000 s 2020-03-16T11:27:43+0900 DEBUG [ykman.descriptor._open_driver:204] No driver found for serial: 12036004, key_type: None, mode: None 2020-03-16T11:27:43+0900 DEBUG [ykman.descriptor._open_driver:179] Attempt 8 of 10 2020-03-16T11:27:43+0900 DEBUG [ykman.descriptor._open_driver:202] Sleeping for 0.800000 s 2020-03-16T11:27:44+0900 DEBUG [ykman.descriptor._open_driver:204] No driver found for serial: 12036004, key_type: None, mode: None 2020-03-16T11:27:44+0900 DEBUG [ykman.descriptor._open_driver:179] Attempt 9 of 10 2020-03-16T11:27:44+0900 DEBUG [ykman.descriptor._open_driver:202] Sleeping for 0.900000 s 2020-03-16T11:27:45+0900 DEBUG [ykman.descriptor._open_driver:204] No driver found for serial: 12036004, key_type: None, mode: None 2020-03-16T11:27:45+0900 DEBUG [ykman.descriptor._open_driver:179] Attempt 10 of 10 2020-03-16T11:27:45+0900 DEBUG [ykman.descriptor._open_driver:202] Sleeping for 1.000000 s 2020-03-16T11:27:46+0900 DEBUG [ykman.descriptor._open_driver:204] No driver found for serial: 12036004, key_type: None, mode: None qml: calculateAll failed: open_device_failed 2020-03-16T11:27:47+0900 DEBUG [ykman.driver_otp.open_devices:224] Success in opening key at position 0 2020-03-16T11:27:47+0900 DEBUG [ykman.device.init:198] Read config from device... 2020-03-16T11:27:47+0900 DEBUG [ykman.device.init:200] Success! 2020-03-16T11:27:47+0900 DEBUG [ykman.device.init:289] Identified YubiKey 5 2020-03-16T11:27:47+0900 DEBUG [ykman.driver_otp.open_devices:222] Failed to open key at position 1 2020-03-16T11:27:47+0900 DEBUG [ykman.driver_otp.del:208] Destroy <ykman.driver_otp.OTPDriver object at 0x7f1a840d7ee0> 2020-03-16T11:27:47+0900 DEBUG [ykman.driver_otp.close:203] Close <ykman.driver_otp.OTPDriver object at 0x7f1a840d7ee0> 2020-03-16T11:27:47+0900 DEBUG [ykman.descriptor._open_driver:175] Opening driver for transports: TRANSPORT.CCID, serial: 12036004, key_type: None, mode: None 2020-03-16T11:27:47+0900 DEBUG [ykman.descriptor._open_driver:179] Attempt 1 of 10 2020-03-16T11:27:47+0900 DEBUG [ykman.descriptor._open_driver:202] Sleeping for 0.100000 s 2020-03-16T11:27:47+0900 DEBUG [ykman.descriptor._open_driver:204] No driver found for serial: 12036004, key_type: None, mode: None 2020-03-16T11:27:47+0900 DEBUG [ykman.descriptor._open_driver:179] Attempt 2 of 10 2020-03-16T11:27:47+0900 DEBUG [ykman.descriptor._open_driver:202] Sleeping for 0.200000 s 2020-03-16T11:27:47+0900 DEBUG [ykman.descriptor._open_driver:204] No driver found for serial: 12036004, key_type: None, mode: None 2020-03-16T11:27:47+0900 DEBUG [ykman.descriptor._open_driver:179] Attempt 3 of 10 2020-03-16T11:27:47+0900 DEBUG [ykman.descriptor._open_driver:202] Sleeping for 0.300000 s 2020-03-16T11:27:47+0900 DEBUG [ykman.descriptor._open_driver:204] No driver found for serial: 12036004, key_type: None, mode: None 2020-03-16T11:27:47+0900 DEBUG [ykman.descriptor._open_driver:179] Attempt 4 of 10 2020-03-16T11:27:47+0900 DEBUG [ykman.descriptor._open_driver:202] Sleeping for 0.400000 s 2020-03-16T11:27:48+0900 DEBUG [ykman.descriptor._open_driver:204] No driver found for serial: 12036004, key_type: None, mode: None 2020-03-16T11:27:48+0900 DEBUG [ykman.descriptor._open_driver:179] Attempt 5 of 10 2020-03-16T11:27:48+0900 DEBUG [ykman.descriptor._open_driver:202] Sleeping for 0.500000 s 2020-03-16T11:27:48+0900 DEBUG [ykman.descriptor._open_driver:204] No driver found for serial: 12036004, key_type: None, mode: None 2020-03-16T11:27:48+0900 DEBUG [ykman.descriptor._open_driver:179] Attempt 6 of 10 2020-03-16T11:27:48+0900 DEBUG [ykman.descriptor._open_driver:202] Sleeping for 0.600000 s 2020-03-16T11:27:49+0900 DEBUG [ykman.descriptor._open_driver:204] No driver found for serial: 12036004, key_type: None, mode: None 2020-03-16T11:27:49+0900 DEBUG [ykman.descriptor._open_driver:179] Attempt 7 of 10 2020-03-16T11:27:49+0900 DEBUG [ykman.descriptor._open_driver:202] Sleeping for 0.700000 s 2020-03-16T11:27:49+0900 DEBUG [ykman.descriptor._open_driver:204] No driver found for serial: 12036004, key_type: None, mode: None 2020-03-16T11:27:49+0900 DEBUG [ykman.descriptor._open_driver:179] Attempt 8 of 10 2020-03-16T11:27:49+0900 DEBUG [ykman.descriptor._open_driver:202] Sleeping for 0.800000 s 2020-03-16T11:27:50+0900 DEBUG [ykman.descriptor._open_driver:204] No driver found for serial: 12036004, key_type: None, mode: None 2020-03-16T11:27:50+0900 DEBUG [ykman.descriptor._open_driver:179] Attempt 9 of 10 2020-03-16T11:27:50+0900 DEBUG [ykman.descriptor._open_driver:202] Sleeping for 0.900000 s 2020-03-16T11:27:51+0900 DEBUG [ykman.descriptor._open_driver:204] No driver found for serial: 12036004, key_type: None, mode: None 2020-03-16T11:27:51+0900 DEBUG [ykman.descriptor._open_driver:179] Attempt 10 of 10 2020-03-16T11:27:51+0900 DEBUG [ykman.descriptor._open_driver:202] Sleeping for 1.000000 s 2020-03-16T11:27:52+0900 DEBUG [ykman.descriptor._open_driver:204] No driver found for serial: 12036004, key_type: None, mode: None qml: calculateAll failed: open_device_failed Segmentation fault (コアダンプ)

[jvo203]

An additional info: pcscd has been started and is running.

sudo systemctl status pcscd ● pcscd.service - PC/SC Smart Card Daemon Loaded: loaded (/usr/lib/systemd/system/pcscd.service; indirect; vendor preset: disabled) Active: active (running) since Mon 2020-03-16 10:03:11 JST; 1h 40min ago TriggeredBy: ● pcscd.socket Docs: man:pcscd(8) Main PID: 6981 (pcscd) Tasks: 4 (limit: 4915) Memory: 1.8M CGroup: /system.slice/pcscd.service └─6981 /usr/sbin/pcscd --foreground

3月 16 10:03:11 xeon systemd[1]: Started PC/SC Smart Card Daemon.

[jvo203]

The output from the command line tool:

1. Without YubiKey inserted ykman oath list Usage: ykman [OPTIONS] COMMAND [ARGS]... Try "ykman -h" for help.

Error: No YubiKey detected!

2. With YubiKey inserted ykman oath list Usage: ykman [OPTIONS] COMMAND [ARGS]... Try "ykman -h" for help.

Error: Failed connecting to YubiKey 5 [OTP+FIDO+CCID]. Make sure the application have the required permissions.

Re-running it with sudo does not change anything (still the same error about some unspecified permissions).

[dagheyman]

Thanks! For debugging, does the device show up as a reader when doing:

$ ykman list --readers

or even

$ opensc-tool -l ?

Does restarting pcscd do any difference?

Could you try running pcscd in the foreground with debug, re-plug the device and paste the output?

$ sudo /usr/sbin/pcscd --foreground --debug

[jvo203]

Thank you for useful suggestions. Restarting pcscd (with the YubiKey inserted) seems to make a difference.

Prior to a restart:

ykman list --readers : an empty output
opensc-tool -l
No smart card readers found.

After a restart:

chris@xeon:~> ykman list --readers
Yubico YubiKey OTP+FIDO+CCID 00 00
chris@xeon:~> opensc-tool -l
# Detected readers (pcsc)
Nr.  Card  Features  Name
0    Yes             Yubico YubiKey OTP+FIDO+CCID 00 00

And the further good news is that yubioath-desktop works OK after a restart of pcsdc. It finds the YubiKey right away and displays a registered OTP too (just like it does on macOS without any problems).

Hopefully the problem will not re-appear anymore...

[dagheyman]

Great! Root cause here is that pcscd can't find/access the reader for some reason, but the app could definitely handle this error better. Thanks for the detailed report.

[jvo203]

OK. Will keep the issue open for a while at least until the next full reboot of the Linux machine (without a YubiKey inserted). If the problem does not re-appear at that point the issue will be closed.

[jvo203]

Thank you very much for your help, the issue can be closed. The Linux YubiKey Authenticator (GUI) works perfectly OK after a full reboot of the Linux desktop.