| Yubico Forum https://forum.yubico.com/ |
|
| [QUESTION] How to use as non-root user ( on mac os x ) https://forum.yubico.com/viewtopic.php?f=26&t=1169 |
Page 1 of 1 |
| Author: | MarkE [ Mon Sep 16, 2013 10:11 pm ] |
| Post subject: | [QUESTION] How to use as non-root user ( on mac os x ) |
Dear, I want to use my Neo with GPG on Mac OS X 10.8.4 but noticed I can only access its open GPG card functionality as root. Following are the return values when executed a root vs. regular user: Code: // As root # ykinfo -v version: 3.1.2 # gpg2 --card-status gives full list of the cards details //Not root but still admin user $ ykinfo -v USB error: kIOReturnSuccess //As a regular non-root/non-admin user: $ ykinfo -v USB error: unknown error $ gpg2 --card-status gpg: selecting openpgp failed: Card not present gpg: OpenPGP card not available: Card not present Can anyone help on how this could be resolved so a regular user can access the openGPG card applet and yinfo ? ( for linux I read setting proper udev rules helps, but udev does not exist for Mac OS X and I couldn't find an Mac alternative ) Thanks, |
|
| Author: | btrotter [ Sun Dec 01, 2013 1:41 am ] |
| Post subject: | Re: [QUESTION] How to use as non-root user ( on mac os x ) |
I was trying to figure out why the app i installed from the appstore couldn't read my yubikey- I got "unknown error occurred". I finally figured out thanks to your post that it needed to be run as sudo. I hope yubi can some up with a solution that doesn't require sudo as having an installed app isn't very helpful if you have to drop to the commandline and "sudo /Applications/YubiKey\ Personalization\ Tool.app/Contents/MacOS/YubiKey\ Personalization\ Tool". It's "less" inconvenient for the CLI tools, but still a hassle. |
|
| Author: | yubiman [ Mon Dec 09, 2013 9:03 pm ] |
| Post subject: | Re: [QUESTION] How to use as non-root user ( on mac os x ) |
I have the same issue. I can access the usb only as root and there is no udev in macos. Also I cant use the pam because it has no rights: Quote: passwd debug: pam_yubico.c:761 (parse_cfg): called. debug: pam_yubico.c:762 (parse_cfg): flags 0 argc 2 debug: pam_yubico.c:764 (parse_cfg): argv[0]=mode=challenge-response debug: pam_yubico.c:764 (parse_cfg): argv[1]=debug debug: pam_yubico.c:765 (parse_cfg): id=-1 debug: pam_yubico.c:766 (parse_cfg): key=(null) debug: pam_yubico.c:767 (parse_cfg): debug=1 debug: pam_yubico.c:768 (parse_cfg): alwaysok=0 debug: pam_yubico.c:769 (parse_cfg): verbose_otp=0 debug: pam_yubico.c:770 (parse_cfg): try_first_pass=0 debug: pam_yubico.c:771 (parse_cfg): use_first_pass=0 debug: pam_yubico.c:772 (parse_cfg): authfile=(null) debug: pam_yubico.c:773 (parse_cfg): ldapserver=(null) debug: pam_yubico.c:774 (parse_cfg): ldap_uri=(null) debug: pam_yubico.c:775 (parse_cfg): ldapdn=(null) debug: pam_yubico.c:776 (parse_cfg): user_attr=(null) debug: pam_yubico.c:777 (parse_cfg): yubi_attr=(null) debug: pam_yubico.c:778 (parse_cfg): yubi_attr_prefix=(null) debug: pam_yubico.c:779 (parse_cfg): url=(null) debug: pam_yubico.c:780 (parse_cfg): capath=(null) debug: pam_yubico.c:781 (parse_cfg): token_id_length=12 debug: pam_yubico.c:782 (parse_cfg): mode=chresp debug: pam_yubico.c:783 (parse_cfg): chalresp_path=(null) debug: pam_yubico.c:823 (pam_sm_authenticate): get user returned: *******removed******* debug: pam_yubico.c:490 (do_challenge_response): Failed initializing YubiKey debug: pam_yubico.c:677 (do_challenge_response): USB error: kIOReturnSuccess debug: pam_yubico.c:689 (do_challenge_response): Challenge response failed: No such file or directory passwd: authentication error Any ideas? (Mavericks 10.9) |
|
| Author: | mig5 [ Thu Jul 03, 2014 2:48 am ] |
| Post subject: | Re: [QUESTION] How to use as non-root user ( on mac os x ) |
This is occurring for me too, I am trying to just configure Yubico in Challenge Response mode for the Screensaver per these guides: http://blog.avisi.nl/2014/05/06/two-fac ... y-example/ http://opensource.yubico.com/yubico-pam ... ponse.html http://jakobpetersson.se/yubikey-and-mac-os-x/ Miguels-MacBook-Pro:~ miguel$ ykpamcfg -2 USB error: kIOReturnSuccess Miguels-MacBook-Pro:~ miguel$ echo $? 1 Miguels-MacBook-Pro:~ miguel$ ykinfo -v USB error: kIOReturnSuccess Only works with sudo or as root, and means my screensaver test doesn't work since it's not being run as sudo.. also Mavericks 10.9.4. Any ideas? |
|
| Author: | CypherCookie [ Tue Jun 28, 2016 4:28 pm ] |
| Post subject: | Re: [QUESTION] How to use as non-root user ( on mac os x ) |
I'm seeing the kIOReturnSuccess error even after secure keyboard option has been disabled. I've not been able to pin down where this issue is coming from at all. So far i have rolled the Yubikey 2 factor auth to over 200 people and have only had 1 issue with it to date. We are using 10.10.5 and I have not seen anyone else have this issue. I have removed and re-install the pam_yubico module from brew and still have had no luck with resolving this problem. Any advice is welcome. |
|
| Page 1 of 1 | All times are UTC + 1 hour |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|