I am trying to upload to Neo my gpg keys, and encountering problems. I changed user and admin PINs, I tried generating keys on the card and that works well, but that's not what I want. I generated a 2048 bit RSA keys, it should be the proper set from what I read so far:
Code:
pub 2048R/D7C09909 created: 2014-02-24 expires: 2014-03-31 usage: SC
trust: ultimate validity: ultimate
sub 2048R/CB5512C0 created: 2014-02-24 expires: 2014-03-31 usage: E
sub 2048R/A18425B3 created: 2014-02-24 expires: 2014-03-31 usage: S
sub 2048R/E094ED10 created: 2014-02-24 expires: 2014-03-31 usage: E
sub 2048R/7FFE9E1E created: 2014-02-28 expires: 2014-03-30 usage: A
Now I try to upload it to card:
Code:
toggle
key 4
keytocard
scdaemon[5524]: updating slot 0 status: 0x0000->0x0007 (0->1)
The card does not support the import of keys
Fine, I may have too old version of the applet (it was bought in the christmas sale). Time to try and put a newer version of the applet on there.
Code:
gpg --verify ykneo-openpgp-1.0.5.cap.sig
gpg: Signature made 2013-10-10T15:53:29 CEST using RSA key ID 105E722E
gpg: Good signature from "Simon Josefsson <simon@josefsson.org>"
gpg: aka "Simon Josefsson <simon@yubico.com>"
and
Code:
$ cat gpinstall-test.txt
mode_211
enable_trace
establish_context
card_connect
select -AID a000000003000000
open_sc -security 1 -keyind 0 -keyver 0 -mac_key 404142434445464748494a4b4c4d4e4f -enc_key 404142434445464748494a4b4c4d4e4f
delete -AID D2760001240102000000000000010000
delete -AID D27600012401
install -file /tmp/ykneo-openpgp-1.0.5.cap -instParam 00 -priv 00
card_disconnect
release_context
OK, time to put the applet on the card:
Code:
$ gpshell ./gpinstall-test.txt
mode_211
enable_trace
establish_context
establish_context failed with error 0x8010001D (Service not available.)
...and I wasn't able to figure out what to do now. Key is in mode 82:
Code:
$ lsusb | grep -i yubi
Bus 001 Device 008: ID 1050:0111 Yubico.com Yubikey NEO OTP+CCID
and udev sets me as the owner of the device node. No idea what else to try...
Additional info: computer is thinkpad x201, I don't believe it has any built in card reader, lspci and lsusb don't show anything that I would read as such. I tried it both under 64 bit archlinux and 32bit ubuntu 13.04 and 13.10, with same results.
Any ideas what the problem is? Is it that the applet is too old for this functionality, or is there another issue? If it's too old, how do I convince the system to put a newer applet on the key?
Login
FAQ
Search
