search

frankmorgner / OpenSCToken

Use OpenSC in macOS CryptoTokenKit.
GNU General Public License v3.0
76 stars 14 forks source link

Cannot disable builtin tokens #43

Closed frankmorgner closed 2 years ago

frankmorgner commented 3 years ago

As documented in https://support.apple.com/de-de/guide/deployment-reference-macos/apd2969ad2d7/web, we have the following command in README.md to disable the builtin CTK token for PIV:

sudo defaults write /Library/Preferences/com.apple.security.smartcard DisabledTokens -array com.apple.CryptoTokenKit.pivtoken

However, this doesn't seem to work anymore (Big Sur, 11.5.2). /System/Library/Frameworks/CryptoTokenKit.framework/PlugIns/pivtoken.appex/Contents/MacOS/pivtoken is loaded anyway when inserting an Yubikey...

frankmorgner commented 2 years ago

This seems to be fixed with a macOS system upgrade...