Hallo zusammen,
ich habe gerade einen Nitrokey 3A NFC geschenkt bekommen und wollte das Teil mal ausprobieren (Linux Mint 20.3).
Aber, ich kenne mich mit dem ganzen Zeug noch nicht so gut aus und bin deshalb auf ein bisschen Hilfe angewiesen.
Hier mein Problem: Als Erstes möchte ich die Firmware updaten:
stefan@Acer-Aspire-E5-571G:~$ nitropy list
Command line tool to interact with Nitrokey devices 0.4.36
:: 'Nitrokey FIDO2' keys
:: 'Nitrokey Start' keys:
:: 'Nitrokey 3' keys
/dev/hidraw3: Nitrokey 3 Bootloader (LPC55) 8D8BC974A25BCB5ABC4AD7F110553DC6
stefan@Acer-Aspire-E5-571G:~$
→ der Nitrokey wird erkannt. Freude!
stefan@Acer-Aspire-E5-571G:~$ nitropy nk3 status
Command line tool to interact with Nitrokey devices 0.4.36
Critical error:
No Nitrokey 3 device found
--------------------------------------------------------------------------------
Critical error occurred, exiting now
Unexpected? Is this a bug? Would you like to get support/help?
- You can report issues at: ht tp s://s upport.nitrokey. com/
- Writing an e-mail to support@nitrokey.com is also possible
- Please attach the log: '/tmp/nitropy.log.uxn0cklh' with any support/help request!
- Please check if you have udev rules installed: ht tp s://d ocs.nitrokey. com/nitrokey3/linux/firmware-update.html#troubleshooting
stefan@Acer-Aspire-E5-571G:~$
Frust. Na gut, fangen wir mit dem einfacheren Teil an:
stefan@Acer-Aspire-E5-571G:/etc/udev/rules.d$ ls -alh
insgesamt 16K
drwxr-xr-x 2 root root 4,0K Mai 9 22:56 .
drwxr-xr-x 4 root root 4,0K Apr 11 23:14 ..
-rw-rw-r-- 1 stefan stefan 3,0K Mai 9 22:24 41-nitrokey.rules
-rw-r--r-- 1 root root 294 Mär 27 2021 79-udev-epson.rules
stefan@Acer-Aspire-E5-571G:/etc/udev/rules.d$
stefan@Acer-Aspire-E5-571G:/etc/udev/rules.d$ cat 41-nitrokey.rules
#
# Copyright (c) 2015-2022 Nitrokey GmbH
#
# This file is part of libnitrokey.
#
# libnitrokey is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# any later version.
#
# libnitrokey is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with libnitrokey. If not, see <ht tp://ww w.gnu.org/licenses/>.
#
# SPDX-License-Identifier: LGPL-3.0
#
# Here rules in new style should be provided. Matching devices should be tagged with 'uaccess'.
# File prefix number should be lower than 73, to be correctly processed by the Udev.
# Recommended udev version: >= 188.
#
ACTION!="add|change", GOTO="u2f_end"
# Nitrokey U2F
KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="f1d0", TAG+="uaccess"
# Nitrokey FIDO U2F
KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="20a0", ATTRS{idProduct}=="4287", TAG+="uaccess"
# Nitrokey FIDO2
KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="20a0", ATTRS{idProduct}=="42b1", TAG+="uaccess"
# Nitrokey 3A Mini/3A NFC/3C NFC
KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="20a0", ATTRS{idProduct}=="42b2", TAG+="uaccess"
# Nitrokey 3A NFC Bootloader/3C NFC Bootloader
KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="20a0", ATTRS{idProduct}=="42dd", TAG+="uaccess"
# Nitrokey 3A Mini Bootloader
ATTRS{idVendor}=="20a0", ATTRS{idProduct}=="42e8", TAG+="uaccess"
LABEL="u2f_end"
SUBSYSTEM!="usb", GOTO="gnupg_rules_end"
ACTION!="add", GOTO="gnupg_rules_end"
# USB SmartCard Readers
## Crypto Stick 1.2
ATTR{idVendor}=="20a0", ATTR{idProduct}=="4107", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg", TAG+="uaccess"
## Nitrokey Pro
ATTR{idVendor}=="20a0", ATTR{idProduct}=="4108", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg", TAG+="uaccess"
## Nitrokey Pro Bootloader
ATTRS{idVendor}=="20a0", ATTRS{idProduct}=="42b4", TAG+="uaccess"
## Nitrokey Storage
ATTR{idVendor}=="20a0", ATTR{idProduct}=="4109", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg", TAG+="uaccess"
## Nitrokey Storage Bootloader
ATTR{idVendor}=="03eb", ATTR{idProduct}=="2ff1", TAG+="uaccess"
## Nitrokey Start
ATTR{idVendor}=="20a0", ATTR{idProduct}=="4211", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg", TAG+="uaccess"
## Nitrokey HSM
ATTR{idVendor}=="20a0", ATTR{idProduct}=="4230", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg", TAG+="uaccess"
LABEL="gnupg_rules_end"
# Nitrokey Storage dev Entry
KERNEL=="sd?1", ATTRS{idVendor}=="20a0", ATTRS{idProduct}=="4109", SYMLINK+="nitrospace"
stefan@Acer-Aspire-E5-571G:/etc/udev/rules.d$
stefan@Acer-Aspire-E5-571G:~$ cat /tmp/nitropy.log.uxn0cklh
540 INFO pynitrokey.cli Timestamp: 2023-05-09 22:55:25.352305
540 INFO pynitrokey.cli OS: uname_result(system='Linux', node='Acer-Aspire-E5-571G', release='5.15.0-71-generic', version='#78~20.04.1-Ubuntu SMP Wed Apr 19 11:26:48 UTC 2023', machine='x86_64')
540 INFO pynitrokey.cli Python version: 3.9.16
548 INFO pynitrokey.cli pynitrokey version: 0.4.36
553 INFO pynitrokey.cli cryptography version: 36.0.2
558 INFO pynitrokey.cli ecdsa version: 0.18.0
564 INFO pynitrokey.cli fido2 version: 1.1.1
568 INFO pynitrokey.cli pyusb version: 1.2.1
572 INFO pynitrokey.cli spsdk version: 1.7.1
1810 INFO libusbsio Loading SIO library: /tmp/_MEIWFA7L6/libusbsio/libusbsio.so
1814 INFO libusbsio HID enumeration[25651120]: initialized
1815 DEBUG libusbsio HID enumeration[25651120]: device #0: MCU HID GENERIC DEVICE
1818 DEBUG libusbsio HID enumeration[25651120]: device #1: USB Optical Mouse
1818 INFO libusbsio HID enumeration[25651120]: finished, total 2 devices
1901 DEBUG fido2.hid.linux Failed opening device /dev/hidraw1
Traceback (most recent call last):
File "fido2/hid/linux.py", line 98, in list_descriptors
File "fido2/hid/linux.py", line 55, in get_descriptor
PermissionError: [Errno 13] Permission denied: '/dev/hidraw1'
1902 DEBUG fido2.hid.linux Failed opening device /dev/hidraw0
Traceback (most recent call last):
File "fido2/hid/linux.py", line 98, in list_descriptors
File "fido2/hid/linux.py", line 55, in get_descriptor
PermissionError: [Errno 13] Permission denied: '/dev/hidraw0'
1903 DEBUG root print: Critical error:
1903 DEBUG root print: No Nitrokey 3 device found
1903 DEBUG root listing all connected devices:
1961 DEBUG root :: 'Nitrokey FIDO2' keys
1961 DEBUG root :: 'Nitrokey Start' keys:
1981 DEBUG root :: 'Nitrokey 3' keys
1985 INFO libusbsio HID enumeration[25639184]: initialized
1985 DEBUG libusbsio HID enumeration[25639184]: device #0: MCU HID GENERIC DEVICE
1985 DEBUG libusbsio HID enumeration[25639184]: device #1: USB Optical Mouse
1985 INFO libusbsio HID enumeration[25639184]: finished, total 2 devices
2065 INFO spsdk.mboot.mcuboot Connect: MCU HID GENERIC DEVICE (0x20A0, 0x42DD)
2065 DEBUG spsdk.mboot.interfaces.usb Open Interface
2066 INFO libusbsio.hidapi.dev Opening HID device at path: 'b'/dev/hidraw3''
2130 INFO libusbsio.hidapi.dev HID device 31940944 is now open
2130 INFO spsdk.mboot.mcuboot CMD: GetProperty('UniqueDeviceIdent', index=0)
2131 DEBUG spsdk.mboot.mcuboot TX-PACKET: Tag=GetProperty, Flags=0x00, P[0]=0x00000012, P[1]=0x00000000
2131 DEBUG spsdk.mboot.interfaces.usb OUT[16]: 01, 00, 0C, 00, 07, 00, 00, 02, 12, 00, 00, 00, 00, 00, 00, 00
2131 DEBUG libusbsio.hidapi.dev HID device 31940944 writing[16]: 0x01000c00070000021200000000000000
2133 DEBUG libusbsio.hidapi.dev HID device 31940944 wrote 59 bytes
2134 DEBUG libusbsio.hidapi.dev HID device 31940944 read[60]: 0x03001800a7000005000000008d8bc974a25bcb5abc4ad7f110553dc60000000000000000000000000000000000000000000000000000000000000000
2134 DEBUG spsdk.mboot.interfaces.usb IN [60]: 03, 00, 18, 00, A7, 00, 00, 05, 00, 00, 00, 00, 8D, 8B, C9, 74, A2, 5B, CB, 5A, BC, 4A, D7, F1, 10, 55, 3D, C6, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00
2134 DEBUG spsdk.mboot.mcuboot RX-PACKET: Tag=GetPropertyResponse, Status=Success, v0=0x74C98B8D, v1=0x5ACB5BA2, v2=0xF1D74ABC, v3=0xC63D5510
2134 DEBUG root /dev/hidraw3: Nitrokey 3 Bootloader (LPC55) 8D8BC974A25BCB5ABC4AD7F110553DC6
2135 INFO spsdk.mboot.mcuboot Closing: MCU HID GENERIC DEVICE (0x20A0, 0x42DD)
2135 DEBUG spsdk.mboot.interfaces.usb Close Interface
2135 INFO libusbsio.hidapi.dev HID device 31940944 closed
2136 DEBUG root print: --------------------------------------------------------------------------------
2136 DEBUG root print: Critical error occurred, exiting now
2136 DEBUG root print: Unexpected? Is this a bug? Would you like to get support/help?
2137 DEBUG root print: - You can report issues at: ht tp s://s upport.nitrokey. com/
2137 DEBUG root print: - Writing an e-mail to support@nitrokey. com is also possible
2137 DEBUG root print: - Please attach the log: '/tmp/nitropy.log.uxn0cklh' with any support/help request!
2137 DEBUG root print: - Please check if you have udev rules installed: ht tp s://d ocs.nitrokey. com/nitrokey3/linux/firmware-update.html#troubleshooting
stefan@Acer-Aspire-E5-571G:~$
Wer kann mir hier weiterhelfen?
Vielen Dank!
P. S. Ich musste die Links kaputt-editieren, weil das Forum sonst meckert.