Beginner trying to use Nitrokey Storage with Kodi Device

All OK thanks to excellent instructions. Now have Nitrokey working as expected running on Linux laptop.

Having imported required public key to another laptop the Nitrokey works fine with popup window asking for entry of PIN. Once entered I can open the encrypted device as on first computer.

Where I have a problem is when I plug the Nitrokey into an OMSC (Kodi) media device which is running headless. I have imported the public key to the OMSC device using SSH but for normal running the media device uses a remote controller. What must I do to get the PIN entry popup to appear?

Hi!

If you have SSH access to the OMSC device, you can install there nitrocli, and unlock the Encrypted Volume with it.
Perhaps interesting idea is to make a Kodi plugin for doing so via the remote controller.

Edit: updated link

Hi and thanks for the suggestion. I think I must pursue the remote controller solution as this is only one consistent with headless operation in my application.
Any volunteer to make this happen as it is miles beyond my know how!
Regards,
Budge

Regarding our team - we are occupied for now, sorry!
I can give tips though to whoever would like to make it. As far as I see Kodi add-ons are written in Python. Our communication backend - libnitrokey - is in C++, and we use Python for testing, so that would be already solved, and it would be just a matter of adding proper Kodi GUI.
In case though it would not be possible to build the C++ part using Kodi’s distribution system on the targer machine, it is possible to write pure Python library only for unlocking/locking the Encrypted Volume, which would solve this.

Forget Kodi for now. If I am using server running runlevel 3 and therefore on console, how can I use the Nitrokey. I tried it just now and cannot use my PIN or anything else. Please tell me how this is supposed to work on linux server?

I understand the nitrocli tool I have mentioned earlier is not working on init 3, e.g. due to gpg-agent PIN request. If the mentioned is the case, I think it would suffice to change the pinentry application to CLI equivalent.
I will ask them generally via the ticket. Edit: registered as nitrocli#90.

Alternative is to write own simple CLI tool. Example of Python access is here: test_storage.py. You would need to install libnitrokey. It should be available in your OS package repository - which one do you use?

1 Like

Hi and thanks for the advice. As you can tell I am not a coder so will not even start on writing my own cli tool.
I use openSUSE Leap 15.0 for most work but I want to use the Nitrokey on OSMC/Kodi. I shall check the repo for the libnitrokey as you suggest but will have to leave the clever stuff to others.
Many thanks,
Budge

Hi!
I have learned through the mentioned ticket page, that that nitrocli should work in the init 3 mode. Could you try it? Perhaps gpg2 package would be needed to provide the pinentry command.