Yubico Forum
https://forum.yubico.com/

[Q?] How-to enable yubikey NEO ccid keychain in MacOS 10.9.5
https://forum.yubico.com/viewtopic.php?f=23&t=1721		 Page 1 of 1
Author:  westfeld [ Sun Jan 25, 2015 9:42 pm ]
Post subject:  [Q?] How-to enable yubikey NEO ccid keychain in MacOS 10.9.5
Hello everyone,

I am trying to use the CCID mode of my yubikey NEO to work correctly with my Mac OS X 10.9.5 Mavericks.

I have tried the following steps:

  1. Downloaded YubiKey NEO Manager 1.0.0
  2. Inserted YubiKey NEO and activated the CCID connection mode and replugged it.
  3. Downloaded the Apple SmartCard Services from https://smartcardservices.macosforge.org
  4. Installed the Apple SmartCard services v2.0.1 with the PIV tokend [50000]
  5. Rebooted the mac

When I now insert my yubikey NEO I see the following on my console

Quote:
25.01.15 21:40:48,251 UserEventAgent[11]: assertion failed: 13F34: com.apple.telemetry + 16493 [AE0C3032-1747-317E-9871-E26B5B6B0120]: 0xffffffffe00002ed
25.01.15 21:40:48,907 com.apple.SecurityServer[15]: Token reader Yubico Yubikey NEO OTP+CCID 00 00 inserted into system
25.01.15 21:40:49,740 com.apple.SecurityServer[15]: token in reader Yubico Yubikey NEO OTP+CCID 00 00 cannot be used (error 229)


The compiled yubikey-piv-tool works with the yubikey: I can import certificates into the yubikey, check the PIN, etc. However in the Keychain Application there is no new keychain representing the YubiKey NEO.

I already tried reinstalling SmartCard services but without luck.

How can I make it work on my mac?
Author:  zviratko [ Fri Mar 13, 2015 3:03 pm ]
Post subject:  Re: [Q?] How-to enable yubikey NEO ccid keychain in MacOS 10
I know this is a kind-of-late reply, but it could help others
I haven't tried on 10.9.x, only on 10.10 - Yosemite

1) in my case, the tokend from smartcardservices wasn't working too well - had to use the CACkey tokend, but YMMV - you should try what works best for you.
^ This could be only the case with Yosemite as things are in flux here and some bugs apply to all smartcards, not just Yubikey - so disregard if tokend is working for you
2) You need to have the Yubikey PIV applet personalized before trying to use it - that's why you get that error message. Import your cert+key into the appropriate slot and reinsert - it will show up in keychain after that
Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/