| Yubico Forum https://forum.yubico.com/ |
|
| [QUESTION] Having a few problems with my NEOs https://forum.yubico.com/viewtopic.php?f=26&t=2686 |
Page 1 of 1 |
| Author: | nblyumberg [ Wed Aug 09, 2017 2:40 pm ] |
| Post subject: | [QUESTION] Having a few problems with my NEOs |
I'm running into a few issues which I think are related but I have not been able to make much progress on figure any of them out. I have a couple of Neo and a Nano4 keys, my intent is to have 3 nearly identical keys for the purpose of using 1 at home always in my primary computer (Nano) A NEO backup key for recovery purposes kept in the safe in case the 2nd NEO is lost A NEO primary key on my keychain for use in the office/etc... My intended use cases for this are: -Logging into Windows/Mac/Linux with Challenge-Response HMAC-SHA1 configuration (Implemented but I don't remember if the Neo has it) -Using LastPass for password management (Yubikey OTP) (Implemented in all keys) -Using U2F functionality of the key for Google/Facebook/etc (Implemented in all keys) -Using the GPG/PIV functionality to log into ssh sessions and sign (Made progress in Mac/Raspberry Pi but not my laptop) My laptop is one of the primary use cases since I use it every day and I suspect this is where my problems are. First issue is that when I don't have a Yubikey plugged in and start Yubikey NEO Manager, there's a report of a phanton/ghost yubikey that doesn't have a serial number, does not support U2F/FIDO and the only enabled mode is OTP. When I change the connection mode, it shows CCID as selectable but trying to toggle that results in an error message about Slot protection. I have used USBDeview on Support's suggestion to remove all devices with Yubikey identifier 1050 but that didn't make a difference. I have gone through a Windows 10 Creator Update and that did not resolve the issue either. Second issue is using Yubikey command line tools like ykpersonalize: Some commands work, others don't: C:\Program Files (x86)\Yubico\ybikey-personalization\bin>ykinfo.exe -s serial: 530xxx C:\Program Files (x86)\Yubico\ybikey-personalization\bin>ykinfo.exe -c Yubikey core error: timeout However the same sequence on the NANO reports differently C:\Program Files (x86)\Yubico\ybikey-personalization\bin>ykinfo.exe -c capabilities: 0c0101ff0xxxxxxxxxxxxxxccccccglcibff Then while trying to use gpg commands to edit the card on my laptop I get this as the result: C:\Program Files (x86)\Yubico\ybikey-personalization\bin>gpg --card-status gpg: selecting openpgp failed: Card not present gpg: OpenPGP card not available: Card not present While on a Mac I get this as the result: gpg --card-status Application ID ...: D276000124010200000605xxxxxx Version ..........: 2.0 Manufacturer .....: Yubico Serial number ....: 053xxxx Name of cardholder: [not set] Language prefs ...: [not set] Sex ..............: unspecified URL of public key : [not set] Login data .......: [not set] Signature PIN ....: forced Key attributes ...: 2048R 2048R 2048R Max. PIN lengths .: 127 127 127 PIN retry counter : 3 3 3 Signature counter : 0 Signature key ....: [none] Encryption key....: [none] Authentication key: [none] General key info..: [none] I haven't even gotten to the part of actually moving my keys to the Yubikey yet (I understand I can do it with my Mac but if I'm going to be using the key on my laptop most of the time and it's not working then I will probably not have much success on getting further once I move the keys over with my Mac) I'd like to figure out how to remove the ghost Yubikey without doing a full format of the laptop (Not an acceptable option) |
|
| Page 1 of 1 | All times are UTC + 1 hour |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|