Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 1:35 pm

View unanswered posts | View active topics


Board index » Yubikey » Yubikey NEO

All times are UTC + 1 hour




Post new topic Reply to topic  Page 1 of 1
  [ 5 posts ] 
  Print view Previous topic | Next topic 
Author Message
MarkE
PostPosted: Mon Sep 16, 2013 10:11 pm 
Offline

Joined: Mon Sep 16, 2013 9:57 pm
Posts: 1
Dear,

I want to use my Neo with GPG on Mac OS X 10.8.4 but noticed I can only access its open GPG card functionality as root.
Following are the return values when executed a root vs. regular user:

Code:
// As root
# ykinfo -v
version: 3.1.2
# gpg2 --card-status 
gives full list of the cards details

//Not root but still admin user
$ ykinfo -v
USB error: kIOReturnSuccess

//As a regular non-root/non-admin user:
$ ykinfo -v
USB error: unknown error
$ gpg2 --card-status 
gpg: selecting openpgp failed: Card not present
gpg: OpenPGP card not available: Card not present


Can anyone help on how this could be resolved so a regular user can access the openGPG card applet and yinfo ?
( for linux I read setting proper udev rules helps, but udev does not exist for Mac OS X and I couldn't find an Mac alternative )

Thanks,
Top
 Profile  
Reply with quote  

Share On:
Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

btrotter
PostPosted: Sun Dec 01, 2013 1:41 am 
Offline

Joined: Sun Dec 01, 2013 1:29 am
Posts: 1
I was trying to figure out why the app i installed from the appstore couldn't read my yubikey- I got "unknown error occurred". I finally figured out thanks to your post that it needed to be run as sudo. I hope yubi can some up with a solution that doesn't require sudo as having an installed app isn't very helpful if you have to drop to the commandline and "sudo /Applications/YubiKey\ Personalization\ Tool.app/Contents/MacOS/YubiKey\ Personalization\ Tool". It's "less" inconvenient for the CLI tools, but still a hassle.
Top
 Profile  
Reply with quote  
yubiman
PostPosted: Mon Dec 09, 2013 9:03 pm 
Offline

Joined: Mon Dec 09, 2013 8:55 pm
Posts: 1
I have the same issue. I can access the usb only as root and there is no udev in macos.

Also I cant use the pam because it has no rights:

Quote:
passwd
debug: pam_yubico.c:761 (parse_cfg): called.
debug: pam_yubico.c:762 (parse_cfg): flags 0 argc 2
debug: pam_yubico.c:764 (parse_cfg): argv[0]=mode=challenge-response
debug: pam_yubico.c:764 (parse_cfg): argv[1]=debug
debug: pam_yubico.c:765 (parse_cfg): id=-1
debug: pam_yubico.c:766 (parse_cfg): key=(null)
debug: pam_yubico.c:767 (parse_cfg): debug=1
debug: pam_yubico.c:768 (parse_cfg): alwaysok=0
debug: pam_yubico.c:769 (parse_cfg): verbose_otp=0
debug: pam_yubico.c:770 (parse_cfg): try_first_pass=0
debug: pam_yubico.c:771 (parse_cfg): use_first_pass=0
debug: pam_yubico.c:772 (parse_cfg): authfile=(null)
debug: pam_yubico.c:773 (parse_cfg): ldapserver=(null)
debug: pam_yubico.c:774 (parse_cfg): ldap_uri=(null)
debug: pam_yubico.c:775 (parse_cfg): ldapdn=(null)
debug: pam_yubico.c:776 (parse_cfg): user_attr=(null)
debug: pam_yubico.c:777 (parse_cfg): yubi_attr=(null)
debug: pam_yubico.c:778 (parse_cfg): yubi_attr_prefix=(null)
debug: pam_yubico.c:779 (parse_cfg): url=(null)
debug: pam_yubico.c:780 (parse_cfg): capath=(null)
debug: pam_yubico.c:781 (parse_cfg): token_id_length=12
debug: pam_yubico.c:782 (parse_cfg): mode=chresp
debug: pam_yubico.c:783 (parse_cfg): chalresp_path=(null)
debug: pam_yubico.c:823 (pam_sm_authenticate): get user returned: *******removed*******
debug: pam_yubico.c:490 (do_challenge_response): Failed initializing YubiKey
debug: pam_yubico.c:677 (do_challenge_response): USB error: kIOReturnSuccess
debug: pam_yubico.c:689 (do_challenge_response): Challenge response failed: No such file or directory
passwd: authentication error


Any ideas? (Mavericks 10.9)
Top
 Profile  
Reply with quote  
mig5
PostPosted: Thu Jul 03, 2014 2:48 am 
Offline

Joined: Thu Jul 03, 2014 2:46 am
Posts: 1
This is occurring for me too, I am trying to just configure Yubico in Challenge Response mode for the Screensaver per these guides:

http://blog.avisi.nl/2014/05/06/two-fac ... y-example/
http://opensource.yubico.com/yubico-pam ... ponse.html
http://jakobpetersson.se/yubikey-and-mac-os-x/

Miguels-MacBook-Pro:~ miguel$ ykpamcfg -2
USB error: kIOReturnSuccess
Miguels-MacBook-Pro:~ miguel$ echo $?
1
Miguels-MacBook-Pro:~ miguel$ ykinfo -v
USB error: kIOReturnSuccess

Only works with sudo or as root, and means my screensaver test doesn't work since it's not being run as sudo.. also Mavericks 10.9.4. Any ideas?
Top
 Profile  
Reply with quote  
CypherCookie
PostPosted: Tue Jun 28, 2016 4:28 pm 
Offline

Joined: Wed Jul 08, 2015 11:29 am
Posts: 4
I'm seeing the kIOReturnSuccess error even after secure keyboard option has been disabled. I've not been able to pin down where this issue is coming from at all.

So far i have rolled the Yubikey 2 factor auth to over 200 people and have only had 1 issue with it to date.

We are using 10.10.5 and I have not seen anyone else have this issue.

I have removed and re-install the pam_yubico module from brew and still have had no luck with resolving this problem.

Any advice is welcome.
Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 5 posts ] 

Board index » Yubikey » Yubikey NEO

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 8 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group