Yubico Forum
https://forum.yubico.com/

Mac OS X: Cannot use Yubikey NEO in "Clamshell Mode"
https://forum.yubico.com/viewtopic.php?f=26&t=2084

Author:  saran [ Fri Nov 06, 2015 1:20 am ]
Post subject:  Mac OS X: Cannot use Yubikey NEO in "Clamshell Mode"

I've been using my Yubikey NEO on my Macbook Pro without problem for a number of months now. Recently, I have started using my laptop at home in the "clamshell mode". That is, leaving the laptop lid shut but connecting the AC adapter, an external display, keyboard and mouse to the laptop. The laptop will automatically wake up in this configuration and behaves like a desktop computer.

In this setup, however, whenever I plug in the Yubikey, my external USB keyboard and mouse stop functioning (although they remain "plugged in" to the system: there are no USB ejection events). Moreover, the system does not recognise any Yubikey button tap, either for OTP or U2F usage. This means that whenever I need to perform any 2FA task, I need to "undock" my laptop, wake it up again in its "normal" laptop mode, then plug in my Yubikey.

This is obviously a very annoying situation. Could anyone give me some pointers as to what may be happening here?

From what I can see, here is what happens in the syslog when I plug the Yubikey in "clamshell mode" (i.e. when everything locks up):
Code:
06/11/2015 00:12:10.721 com.apple.SecurityServer[79]: Token reader Yubico Yubikey NEO OTP+U2F+CCID inserted into system
06/11/2015 00:12:10.721 com.apple.SecurityServer[79]: reader Yubico Yubikey NEO OTP+U2F+CCID: state changed 0 -> 34
06/11/2015 00:12:10.722 com.apple.SecurityServer[79]: token in reader Yubico Yubikey NEO OTP+U2F+CCID cannot be used (error 229)
06/11/2015 00:12:10.000 kernel[0]: AppleUSBTopCaseHIDDriverPM::message Error: kIOUSBMessagePortHasBeenReset received, requesting device reenumeration
06/11/2015 00:12:10.000 kernel[0]: AppleActuatorHIDEventDriver: message service is terminated
06/11/2015 00:12:10.000 kernel[0]: [AppleMultitouchDevice::willTerminate] entered
06/11/2015 00:12:10.000 kernel[0]: AppleActuatorDeviceUserClient::stop Entered
06/11/2015 00:12:10.000 kernel[0]: AppleActuatorDevice::stop Entered
06/11/2015 00:12:10.000 kernel[0]: AppleActuatorHIDEventDriver: stop
06/11/2015 00:12:10.000 kernel[0]: [AppleMultitouchDevice::stop] entered
06/11/2015 00:12:10.817 System Preferences[7744]: [BluetoothHIDDevice][initWithHIDDevice] Unable to get Object ID from IORegistry
06/11/2015 00:12:10.817 BezelServices 250.15[93]: ASSERTION FAILED: dvcAddrRef != ((void *)0) -[DriverServices getDeviceAddress:] line: 2727
06/11/2015 00:12:10.817 System Preferences[7744]: [BluetoothHIDDevice][initWithHIDDevice] Unable to get Object ID from IORegistry
06/11/2015 00:12:10.817 BezelServices 250.15[93]: ASSERTION FAILED: dvcAddrRef != ((void *)0) -[DriverServices getDeviceAddress:] line: 2727
06/11/2015 00:12:10.818 System Preferences[7744]: [BluetoothHIDDevice][initWithHIDDevice] Unable to get Object ID from IORegistry
06/11/2015 00:12:10.818 System Preferences[7744]: [BluetoothHIDDevice][initWithHIDDevice] Unable to get Object ID from IORegistry
06/11/2015 00:12:25.000 kernel[0]: AppleUSBCompositePM: waitForPMDriverCall timeout
06/11/2015 00:12:25.000 kernel[0]: USBF:    100505.556    IOUSBHIDDriver(IOUSBHIDDriver)::RearmInterruptRead  returning error 0xe00002c0 (no such device), not issuing any reads to device
06/11/2015 00:12:25.918 com.apple.SecurityServer[79]: reader Yubico Yubikey NEO OTP+U2F+CCID: state changed 32 -> 18
06/11/2015 00:12:25.950 com.apple.SecurityServer[79]: reader Yubico Yubikey NEO OTP+U2F+CCID: state changed 16 -> 6
06/11/2015 00:12:25.950 com.apple.SecurityServer[79]: Token reader Yubico Yubikey NEO OTP+U2F+CCID removed from system
06/11/2015 00:12:26.000 kernel[0]: AppleDeviceManagementHIDEventService::start start could not make a string from out connection notification key
06/11/2015 00:12:26.000 kernel[0]: AppleDeviceManagementHIDEventService::start start could not make a string from out poweredoff notification key
06/11/2015 00:12:26.000 kernel[0]: AppleDeviceManagementHIDEventService::processWakeReason Wake reason: Host (0x01)
06/11/2015 00:12:26.000 kernel[0]: [AppleMultitouchDevice::start] entered
06/11/2015 00:12:26.000 kernel[0]: [AppleActuatorHIDEventDriver::start] entered
06/11/2015 00:12:26.000 kernel[0]: BuildActDeviceEntry enter
06/11/2015 00:12:26.000 kernel[0]: AppleActuatorDevice::start Entered
06/11/2015 00:12:26.000 kernel[0]: BuildActDeviceEntry exit
06/11/2015 00:12:26.000 kernel[0]: AppleDeviceManagementHIDEventService::messageClientsWithBSString messageClientsWithBSString sending message USBConnected
06/11/2015 00:12:26.000 kernel[0]: AppleActuatorDeviceUserClient::start Entered


And this is what happens when I plug it while in normal "laptop mode" (i.e. when everything works):
Code:
06/11/2015 00:14:37.434 com.apple.SecurityServer[79]: Token reader Yubico Yubikey NEO OTP+U2F+CCID inserted into system
06/11/2015 00:14:37.434 com.apple.SecurityServer[79]: reader Yubico Yubikey NEO OTP+U2F+CCID: state changed 0 -> 34
06/11/2015 00:14:37.434 com.apple.SecurityServer[79]: token in reader Yubico Yubikey NEO OTP+U2F+CCID cannot be used (error 229)
06/11/2015 00:14:38.437 com.apple.SecurityServer[79]: reader Yubico Yubikey NEO OTP+U2F+CCID: state changed 32 -> 18
06/11/2015 00:14:40.788 com.apple.SecurityServer[79]: reader Yubico Yubikey NEO OTP+U2F+CCID: state changed 16 -> 6
06/11/2015 00:14:40.788 com.apple.SecurityServer[79]: Token reader Yubico Yubikey NEO OTP+U2F+CCID removed from system


Thanks a lot!

Author:  jtl [ Thu Dec 10, 2015 4:46 am ]
Post subject:  Re: Mac OS X: Cannot use Yubikey NEO in "Clamshell Mode"

I've been having the same problem with my MacBookPro11,5 since I got it and used it with my Yubikey. Any progress towards resolution of this issue? Getting real sick of it.

Author:  Tom2 [ Thu Dec 10, 2015 10:09 am ]
Post subject:  Re: Mac OS X: Cannot use Yubikey NEO in "Clamshell Mode"

Hello Guys,

Can you give us some additional information please:

Exact firmware version of the YubiKey NEO
Exact version of your operating system

Thank you.

Author:  jtl [ Fri Dec 11, 2015 12:21 am ]
Post subject:  Re: Mac OS X: Cannot use Yubikey NEO in "Clamshell Mode"

Tom2 wrote:
Hello Guys,

Can you give us some additional information please:

Exact firmware version of the YubiKey NEO
Exact version of your operating system

Thank you.


Hi

I own a YubiKey NEO in OTP+U2F+CCID mode. Running firmware 2.4.3 and I'm using it with a MacBookPro11,5 running OS X 10.10.5.

I remember when I first set up my YubiKey it didn't freeze at first but it started freezing the same way as the OP after following the instructions for requirements of the Yubico Desktop Authenticator to detect the YubiKey (CCID drivers)? And of course if I disable CCID using YubiKey NEO Manager all is well. I also set up MacGPG for SSH/PGP keys.

Here is a log when I plug my YubiKey into my Mac with the freeze.

Thanks

Author:  Tom2 [ Wed Dec 16, 2015 8:44 am ]
Post subject:  Re: Mac OS X: Cannot use Yubikey NEO in "Clamshell Mode"

Did you mean firmware 3.4.3?

There are no NEOs with firmware 2.4; those are YubiKey Standard.

Author:  jtl [ Sun Dec 20, 2015 4:36 am ]
Post subject:  Re: Mac OS X: Cannot use Yubikey NEO in "Clamshell Mode"

Sorry for the late reply, was sick.

Tom2 wrote:
Did you mean firmware 3.4.3?

There are no NEOs with firmware 2.4; those are YubiKey Standard.


That is correct.

Author:  jtl [ Wed Jan 06, 2016 11:21 pm ]
Post subject:  Re: Mac OS X: Cannot use Yubikey NEO in "Clamshell Mode"

Bump. Might try a fresh install of 10.11 later after cloning of drive. Anyone have any experience?

Author:  jtl [ Wed Jan 13, 2016 4:51 am ]
Post subject:  Re: Mac OS X: Cannot use Yubikey NEO in "Clamshell Mode"

Some updates for you guys

I also run Windows 10 on a second partition on this Mac. No problems there.

I did a clean install of El Capitan last night on my 2015 Macbook Pro (MacBookPro11,5).

As soon as I did the install and got most of my backups restored (except apps), I installed the Yubikey authenticator packages along with manager, MacGPG2 etc. from the Yubico site. El Capitan has a new CCID driver. SSH-agent with Yubikey works and the problem is completely gone.

Console output when plugging Yubikey in (last 3 lines)

https://i.imgur.com/Yq3Bshb.png

All times are UTC + 1 hour