Yubico Forum
https://forum.yubico.com/

[QUESTION] How to reset yubikey 4 nano (instructions failed)
https://forum.yubico.com/viewtopic.php?f=35&t=2558		 Page 1 of 1
Author:  ddrbt [ Wed Feb 08, 2017 2:44 am ]
Post subject:  [QUESTION] How to reset yubikey 4 nano (instructions failed)
I'm trying to export pgp keys to my yubikey but
Code:
gpg2 --card-status
gives me this:

Code:
gpg: selecting openpgp failed: Operation not supported by device
gpg: OpenPGP card not available: Operation not supported by device


I have tried to reset my card using the instructions
here: https://developers.yubico.com/ykneo-openpgp/ResetApplet.html
and here: https://forum.yubico.com/viewtopic.php?f=35&t=2193&p=8245&hilit=openpgp+applet+reset to no avail.

Attempting to run this:

Code:
/hex
scd serialno
scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
scd apdu 00 e6 00 00
scd apdu 00 44 00 00
/echo Card has been successfully reset.


Gives me this:

Code:
ERR 100696144 Operation not supported by device <SCD>
gpg-connect-agent: stopping script execution


Any suggestions?
Author:  ChrisHalos [ Wed Feb 08, 2017 3:22 am ]
Post subject:  Re: [QUESTION] How to reset yubikey 4 nano (instructions fai
First I would recommend checking the firmware version (you can do this through YubiKey Personalization Tool)
Author:  ddrbt [ Wed Feb 08, 2017 4:17 am ]
Post subject:  Re: [QUESTION] How to reset yubikey 4 nano (instructions fai
Thanks for your speedy reply!

Code:
$ ykpersonalize -V
Firmware version 4.2.8 Touch level 775 Program sequence 3
1.17.3
Author:  ChrisHalos [ Wed Feb 08, 2017 9:54 pm ]
Post subject:  Re: [QUESTION] How to reset yubikey 4 nano (instructions fai
First try the activate command again, as this is the part that most frequently doesn't take (scd apdu 00 44 00 00). if that doesn't work enable debug and post as much info as you can generated when running the reset script.

Also, what is the Operating System and the gpg version? Have you tried killing the gpg-agent/scdaemon processes before attempting to run any more commands (or a full restart)?
Author:  ddrbt [ Sun Feb 12, 2017 8:51 am ]
Post subject:  Re: [QUESTION] How to reset yubikey 4 nano (instructions fai
I'm running macOS Sierra 10.12.3.
gpg2 --version gives me this:

Code:
gpg (GnuPG) 2.1.18
libgcrypt 1.7.6
.

I have rebooted my machine as well as killing scdaemon and gpg-agent between attempts.

This is what I get:

Code:
gpg-connect-agent --verbose --hex scd apdu 00 44 00 00
OK
ERR 67109139 Unknown IPC command <GPG Agent>
ERR 67109139 Unknown IPC command <GPG Agent>
ERR 67109139 Unknown IPC command <GPG Agent>
ERR 67109139 Unknown IPC command <GPG Agent>
ERR 67109139 Unknown IPC command <GPG Agent>
>
Author:  trouble [ Tue Feb 14, 2017 12:45 pm ]
Post subject:  Re: [QUESTION] How to reset yubikey 4 nano (instructions fai
I discovered this morning that the binary ("bottled") GnuPG 2.1.8 version in homebrew no longer likes Yubikeys. I haven't had a chance to debug, but building building gnupg21 without libusb appears to fix the problem:

Code:
brew reinstall gnupg21 --without-libusb


You may also need this in your $HOME/.gnupg/scdaemon.conf:

Code:
pcsc-driver /System/Library/Frameworks/PCSC.framework/PCSC


GnuPG 2.1.6 "just worked".

With any luck, this reply will encourage someone else to beat me to debugging the problem. ;-)
Author:  trouble [ Tue Feb 14, 2017 1:01 pm ]
Post subject:  Re: [QUESTION] How to reset yubikey 4 nano (instructions fai
Found in another thread: if you add ``disable-ccid`` to your $HOME/.gnupg/scdaemon.conf and restart any agents and daemons (``gpgconf --kill gpg-agent && gpgconf --launch gpg-agent``), it may magically start working for you.
Author:  ddrbt [ Fri Feb 17, 2017 1:41 am ]
Post subject:  Re: [QUESTION] How to reset yubikey 4 nano (instructions fai
Thank you, trouble! rebuilding with `--without-libusb` appears to have fixed the problem for me.
Author:  jcross [ Fri Oct 13, 2017 1:23 pm ]
Post subject:  Re: [QUESTION] How to reset yubikey 4 nano (instructions fai
After trying hundreds of different things (including items above), this worked for me:

Add
Code:
shared-access

To this file:
Code:
~/.gnupg/scdaemon.conf


You may need to then kill all processes (not necessary in my case):

Code:
killall gpg-agent; killall scdaemon; killall gpg; killall dirmngr; gpgconf --kill all

And / or insert / remove the Yubikey.
Author:  ChrisHalos [ Sat Oct 14, 2017 6:09 am ]
Post subject:  Re: [QUESTION] How to reset yubikey 4 nano (instructions fai
Try YubiKey Manager. It typically works when all other options fail:

https://developers.yubico.com/yubikey-m ... /Releases/

(1) install
(2) open Terminal/Command Prompt
(3) cd to the YubiKey Manager folder (Windows example: cd c:\Program Files (x86)\Yubico\YubiKey Manager)
(4) ykman openpgp reset
(5) y / enter to confirm reset
Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/