Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 9:35 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 2 posts ] 
Author Message
PostPosted: Tue Dec 30, 2014 1:46 am 
Offline

Joined: Tue Dec 30, 2014 1:09 am
Posts: 2
I'm having issues talking to the open-pgp and piv applets when I set the mode on my NEO to OTP + CCID + U2F.
It doesn't seem to matter if Chrome (the only app using U2F is running or not)

If I disable the U2F mode then everything works as expected but I can't use U2F (as expected).
I also notice that when U2F is enabled, the YubiKey Neo Manager doesn't list any available apps.

I've seen a few other threads here with similar issues - but those all seem to be udev related on various linux distro's.
From what I can tell this should not be the expected behavior?

With U2F disabled:
Code:
$  opensc-tool -l
# Detected readers (pcsc)
Nr.  Card  Features  Name
0    Yes             Yubico Yubikey NEO OTP+CCID

$ gpg --card-status
Application ID ...: D2760001240102000006030212890000
Version ..........: 2.0
<snip>

Attachment:
Screenshot 2014-12-30 00.38.04.png
Screenshot 2014-12-30 00.38.04.png [ 122.56 KiB | Viewed 1923 times ]


With U2F enabled:
Code:
$  opensc-tool -l
No smart card readers found.

$ gpg --card-status
gpg: pcsc_connect failed: unknown reader (0x80100009)
gpg: apdu_send_simple(0) failed: general error
Please insert the card and hit return or enter 'c' to cancel: c
gpg: selecting openpgp failed: general error
gpg: OpenPGP card not available: general error

Attachment:
Screenshot 2014-12-30 00.38.13.png
Screenshot 2014-12-30 00.38.13.png [ 114.27 KiB | Viewed 1923 times ]


Code:
YubiKey Neo 3.3.0
YubiKey NEO Manager 1.1.0
libykneomgr: 0.1.6
ykpers: 1.16.2
libu2f-host: 0.0.2


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Tue Dec 30, 2014 12:00 pm 
Offline

Joined: Tue Dec 30, 2014 1:09 am
Posts: 2
I did some more digging today and it looks like the osx-patch-ccid script patched in the USB ID's for U2F combinations.

I'm running OS X v10.10.1 which ships with version 1.4.14 of pcsclite and the U2F combinations were added in 1.4.18 so this isn't surprising.

Manually removing the U2F combinations and killing pcsc like the script does manages to replicate the behavior I was seeing earlier.
Running the script again makes everything behave as expected without a reboot.

I'll attempt to test this on a machine which hasn't had the package installed to try and verify this a little further but is there something else that installing YubiKey Neo Manager does that requires a reboot? Maybe the package installation should force a reboot?


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: Heise IT-Markt [Crawler] and 12 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group