Yubico Forum

View unanswered posts | View active topics

Board index » Yubikey » YubiKey 4

All times are UTC + 1 hour

OS X Sierra 10.12.5 Yubikey gpg issues

Page 1 of 1

[ 3 posts ]

Print view

Previous topic | Next topic

Author

Message

macosx2017

Post subject: OS X Sierra 10.12.5 Yubikey gpg issues

Posted: Sat Jul 08, 2017 1:14 am

Joined: Sat Jul 08, 2017 12:59 am
Posts: 1

Recently picked up a Yubikey 4c and have been having a hell of a time debugging why gpg and it won't work on OS X 10.12.5.

Basically when you run gpg --card-edit you get the dreaded

Code:

gpg --card-status
gpg: selecting openpgp failed: Operation not supported by device
gpg: OpenPGP card not available: Operation not supported by device

So, I tried all the usual tricks of killing the scdaemon, restarting all the gpg components, with no success. What is really annoying is it works perfectly fine in archlinux.

Here is some debugging information provided by scdaemon

Code:

2017-07-07 16:56:57 scdaemon[7083] DBG: chan_5 <- RESTART
2017-07-07 16:56:57 scdaemon[7083] DBG: chan_5 -> OK
2017-07-07 17:05:30 scdaemon[7083] DBG: chan_5 <- GETINFO version
2017-07-07 17:05:30 scdaemon[7083] DBG: chan_5 -> D 2.1.21
2017-07-07 17:05:30 scdaemon[7083] DBG: chan_5 -> OK
2017-07-07 17:05:30 scdaemon[7083] DBG: chan_5 <- SERIALNO openpgp
2017-07-07 17:05:30 scdaemon[7083] DBG: enter: apdu_open_reader: portstr=(null)
2017-07-07 17:05:30 scdaemon[7083] detected reader 'Yubico Yubikey 4 OTP+U2F+CCID'
2017-07-07 17:05:30 scdaemon[7083] reader slot 0: not connected
2017-07-07 17:05:30 scdaemon[7083] DBG: leave: apdu_open_reader => slot=0 [pc/sc]
2017-07-07 17:05:30 scdaemon[7083] DBG: enter: apdu_connect: slot=0
2017-07-07 17:05:30 scdaemon[7083] pcsc_control failed: not transacted (0x80100016)
2017-07-07 17:05:30 scdaemon[7083] pcsc_vendor_specific_init: GET_FEATURE_REQUEST failed: 65547
2017-07-07 17:05:30 scdaemon[7083] reader slot 0: active protocol: T1
2017-07-07 17:05:30 scdaemon[7083] slot 0: ATR=3B F8 13 00 00 81 31 FE 15 59 75 62 69 6B 65 79 34 D4
2017-07-07 17:05:30 scdaemon[7083] DBG: leave: apdu_connect => sw=0x0
2017-07-07 17:05:30 scdaemon[7083] DBG: send apdu: c=00 i=A4 p1=00 p2=0C lc=2 le=-1 em=0
2017-07-07 17:05:30 scdaemon[7083] DBG:   PCSC_data: 00 A4 00 0C 02 3F 00
2017-07-07 17:05:33 scdaemon[7083] pcsc_transmit failed: not transacted (0x80100016)
2017-07-07 17:05:33 scdaemon[7083] apdu_send_simple(0) failed: general error
2017-07-07 17:05:33 scdaemon[7083] DBG: send apdu: c=00 i=A4 p1=04 p2=00 lc=6 le=-1 em=0
2017-07-07 17:05:33 scdaemon[7083] DBG:   PCSC_data: 00 A4 04 00 06 D2 76 00 01 24 01
2017-07-07 17:05:36 scdaemon[7083] pcsc_transmit failed: not transacted (0x80100016)
2017-07-07 17:05:36 scdaemon[7083] apdu_send_simple(0) failed: general error
2017-07-07 17:05:36 scdaemon[7083] can't select application 'openpgp': Not supported
2017-07-07 17:05:36 scdaemon[7083] DBG: enter: apdu_close_reader: slot=0
2017-07-07 17:05:36 scdaemon[7083] DBG: enter: apdu_disconnect: slot=0
2017-07-07 17:05:36 scdaemon[7083] DBG: leave: apdu_disconnect => sw=0x0
2017-07-07 17:05:36 scdaemon[7083] DBG: leave: apdu_close_reader => 0x0 (close_reader)
2017-07-07 17:05:36 scdaemon[7083] DBG: chan_5 -> ERR 100696144 Operation not supported by device <SCD>
2017-07-07 17:05:36 scdaemon[7083] DBG: chan_5 <- RESTART

and more information from gpg-agent.log

Code:

2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_8 -> OK Pleased to meet you
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_8 <- RESET
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_8 -> OK
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_8 <- OPTION ttyname=/dev/ttys000
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_8 -> OK
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_8 <- OPTION ttytype=xterm-256color
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_8 -> OK
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_8 <- OPTION lc-ctype=en_US.UTF-8
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_8 -> OK
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_8 <- OPTION lc-messages=en_US.UTF-8
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_8 -> OK
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_8 <- GETINFO version
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_8 -> D 2.1.21
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_8 -> OK
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_8 <- OPTION allow-pinentry-notify
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_8 -> OK
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_8 <- OPTION agent-awareness=2.1.0
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_8 -> OK
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_8 <- SCD GETINFO version
2017-07-07 17:05:30 gpg-agent[7082] new connection to SCdaemon established (reusing)
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_9 -> GETINFO version
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_9 <- D 2.1.21
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_9 <- OK
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_8 -> D 2.1.21
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_8 -> OK
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_8 <- SCD SERIALNO openpgp
2017-07-07 17:05:30 gpg-agent[7082] DBG: chan_9 -> SERIALNO openpgp
2017-07-07 17:05:36 gpg-agent[7082] DBG: chan_9 <- ERR 100696144 Operation not supported by device <SCD>
2017-07-07 17:05:36 gpg-agent[7082] DBG: chan_8 -> ERR 100696144 Operation not supported by device <SCD>
2017-07-07 17:05:36 gpg-agent[7082] DBG: chan_8 <- [eof]
2017-07-07 17:05:36 gpg-agent[7082] DBG: chan_9 -> RESTART

Here is my scdaemon.conf that I've already tried some troubleshooting settings from previous forum posts

Code:

pcsc-driver /System/Library/Frameworks/PCSC.framework/PCSC
card-timeout 1
disable-ccid
log-file /Users/admin/.gnupg/scdaemon.log.txt
verbose
debug-level guru

gpg version

Code:

gpg --version
gpg (GnuPG) 2.1.21
libgcrypt 1.7.8

pcsctest seems to be able to communicate

Code:

pcsctest 

MUSCLE PC/SC Lite Test Program

Testing SCardEstablishContext    : Command successful.
Testing SCardGetStatusChange 
Please insert a working reader   : Command successful.
Testing SCardListReaders         : Command successful.
Reader 01: Yubico Yubikey 4 OTP+U2F+CCID
Enter the reader number          : 1
Waiting for card insertion         
                                 : Command successful.
Testing SCardConnect             : Command successful.
Testing SCardStatus              : Command successful.
Current Reader Name              : Yubico Yubikey 4 OTP+U2F+CCID
Current Reader State             : 0x54
Current Reader Protocol          : 0x1
Current Reader ATR Size          : 18 (0x12)
Current Reader ATR Value         : 3B F8 13 00 00 81 31 FE 15 59 75 62 69 6B 65 79 34 D4 
Testing SCardDisconnect          : Command successful.
Testing SCardReleaseContext      : Command successful.
Testing SCardEstablishContext    : Command successful.
Testing SCardGetStatusChange 
Please insert a working reader   : Command successful.
Testing SCardListReaders         : Command successful.
Reader 01: Yubico Yubikey 4 OTP+U2F+CCID

Anyone got any ideas?

Top

Share On:
	Facebook		Twitter		Tumblr		Google+

crusso

Post subject: Re: OS X Sierra 10.12.5 Yubikey gpg issues

Posted: Mon Jul 17, 2017 1:37 am

Joined: Mon Jul 17, 2017 1:33 am
Posts: 2

I'm having this exact same problem.

Any clues so far?

Top

jcross

Post subject: Re: OS X Sierra 10.12.5 Yubikey gpg issues

Posted: Fri Jul 28, 2017 2:03 am

Joined: Sun Oct 18, 2015 4:12 pm
Posts: 8

Same error message when using Yubikey Neo-N on OS X El Capitan 10.11.6 on an early 2014 MBA.
I'm using GnuPG from https://gpgtools.org
Error went away after a restart.

Top

Page 1 of 1

[ 3 posts ]

Board index » Yubikey » YubiKey 4

All times are UTC + 1 hour

Who is online

Users browsing this forum: Google [Bot] and 3 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

OS X Sierra 10.12.5 Yubikey gpg issues

Share On:

Who is online