Nitrokey Start firmware update failed / device or firmware missing?

Hello,

After some problems I managed to reset my Nitrokey Start last time. Now I finally wanted to run the firmware update, but unfortunately this fails. It looks like there is no current firmware version on the device anymore.

I am not sure if it is just the firmware that is not recognized or the stick is not recognized at all. My admin-PW is obviously accepted.

Is it broken or is there anything that can be rescued?

pi@raspberrypi:~ $ nitropy start list
*** Nitrokey tool for Nitrokey FIDO2 & Nitrokey Start
:: ‘Nitrokey Start’ keys:
None: None None (None)

pi@raspberrypi:~ $ nitropy start update
*** Nitrokey tool for Nitrokey FIDO2 & Nitrokey Start
Nitrokey Start firmware update tool
Platform: Linux-5.4.72-v7+-armv7l-with-debian-10.7
System: Linux, is_linux: True
Python: 3.7.3
Saving run log to: /tmp/nitropy.log.7h4nj7_q
Admin password:
Firmware data to be used:
- FirmwareType.REGNUAL: 4504, hash: …b’65ac82a1’ valid (from …built/RTM.10/regnual.bin)
- FirmwareType.GNUK: 131072, hash: …b’f85da8f7’ valid (from …prebuilt/RTM.10/gnuk.bin)
Currently connected device strings:
Device:
initial device strings: [{‘name’: ‘’, ‘Vendor’: None, ‘Product’: None, ‘Serial’: None, ‘Revision’: None, ‘Config’: None, ‘Sys’: None, ‘Board’: None}]
Please note:
- Latest firmware available is:
RTM.10 (published: 2020-06-04T12:34:14Z)
- provided firmware: None
- all data will be removed from the device!
- do not interrupt update process - the device may not run properly!
- the process should not take more than 1 minute
Do you want to continue? [yes/no]: yes

Starting bootloader upload procedure
error while running update
Could not connect to the device. Attempting to close scdaemon.
Running: gpgconf --kill all
Running: sudo systemctl stop pcscd pcscd.socket
retrying…

Starting bootloader upload procedure
error while running update
Could not connect to the device. Attempting to close scdaemon.
Running: gpgconf --kill all
Running: sudo systemctl stop pcscd pcscd.socket
retrying…

Starting bootloader upload procedure
error while running update
Could not connect to the device. Attempting to close scdaemon.
Running: gpgconf --kill all
Running: sudo systemctl stop pcscd pcscd.socket
retrying…
Critical error:
.
Could not proceed with the update
Please execute one or all of the following and try again:
- re-insert device to the USB slot
- run factory-reset on the device
- close other applications, which could use it (e.g., scdaemon, pcscd)
.
--------------------------------------------------------------------------------
Critical error occurred, exiting now
Unexpected? Is this a bug? Do you would like to get support/help?
- You can report issues at: Issues · Nitrokey/pynitrokey · GitHub
- Writing an e-mail to: support@nitrokey.com is also possible
- Please attach the log: ‘/tmp/nitropy.log.7h4nj7_q’ with any support/help request!
--------------------------------------------------------------------------------

pi@raspberrypi:~ $ gpg --card-status
gpg: selecting openpgp failed: No such device
gpg: OpenPGP card not available: No such device

On a Windows computer:

C:\Windows\system32>gpg --card-status
Reader …: Nitrokey Nitrokey Start 0
Application ID …: xxxxxxxxxxxxxxxxxxxxxxx
Application type .: OpenPGP
Version …: 2.0
Manufacturer …: unmanaged S/N range
Serial number …: xxxxxxxxxxxxxxxxxxxxxxx
Name of cardholder: [nicht gesetzt]
Language prefs …: [nicht gesetzt]
Salutation …:
URL of public key : [nicht gesetzt]
Login data …: [nicht gesetzt]
Signature PIN …: zwingend
Key attributes …: rsa2048 rsa2048 rsa2048
Max. PIN lengths .: 127 127 127
PIN retry counter : 3 3 3
Signature counter : 0
KDF setting …: off
Signature key …: [none]
Encryption key…: [none]
Authentication key: [none]
General key info…: [none]

Hi!
We will take a look. Possibly some additional setup is required on the Raspberry Pi.

@daringer Could you check on your side?

Reproduced on an RPi4 with Debian 10.4, some observations:

  • without proper udev rules the behavior is identical
  • with rules still the same behavior
  • as root using sudo nitropy start list it is working as expected, please use this as a workaround in the meantime
  • further Nitrokey FIDO2 devices also do not work as expected without nitropy being run as root

Somehow this points towards a permission issue, but I cannot pinpoint it for now; maybe we need to adapt the udev rules? This is also tracked now on GitHub.


Thank you for the update, @daringer!

But it’s not working for me.

pi@raspberrypi:~ $ sudo nitropy start list
sudo: nitropy: command not found

pi@raspberrypi:~ $ sudo nitropy start update
sudo: nitropy: command not found

pi@raspberrypi:~ $ sudo -i
root@raspberrypi:~# sudo nitropy start list
sudo: nitropy: command not found
root@raspberrypi:~# sudo nitropy start update
sudo: nitropy: command not found
root@raspberrypi:~# pynitrokey start list
-bash: pynitrokey: command not found
root@raspberrypi:~# exit
logout

I followed the instructions from this article when I installed the package.

$ sudo apt install python3-pip
$ pip3 install --user pynitrokey

So I removed the package and installed it without the “--user” part. But same result.

I’m not really an experienced Linux user, I only use the raspberry as pi-hole and for vpn. Maybe I typed something wrong?

It looks like the pip3 call fails.
Could you please run pip3 install -U pynitrokey (the -U ensures the package is updated)?
Then you should search for the executable (nitropy); you can do this using which nitropy

If the which call does not deliver the full path of the nitropy executable, then there was something wrong with your pip3 install; please check its output (or paste it to some pastebin, then I can check) to see whether there is an error…

pi@raspberrypi:~ $ pip3 install -U pynitrokey
Looking in indexes: https://pypi.org/simple, https://www.piwheels.org/simple
Requirement already up-to-date: pynitrokey in ./.local/lib/python3.7/site-packages (0.4.1)
Requirement already satisfied, skipping upgrade: cryptography in /usr/lib/python3/dist-packages (from pynitrokey) (2.6.1)
Requirement already satisfied, skipping upgrade: intelhex in ./.local/lib/python3.7/site-packages (from pynitrokey) (2.3.0)
Requirement already satisfied, skipping upgrade: pygments in ./.local/lib/python3.7/site-packages (from pynitrokey) (2.7.2)
Requirement already satisfied, skipping upgrade: click>=7.0 in ./.local/lib/python3.7/site-packages (from pynitrokey) (7.1.2)
Requirement already satisfied, skipping upgrade: pyusb in ./.local/lib/python3.7/site-packages (from pynitrokey) (1.1.0)
Requirement already satisfied, skipping upgrade: fido2>=0.8.1 in ./.local/lib/python3.7/site-packages (from pynitrokey) (0.8.1)
Requirement already satisfied, skipping upgrade: requests in /usr/lib/python3/dist-packages (from pynitrokey) (2.21.0)
Requirement already satisfied, skipping upgrade: cbor in ./.local/lib/python3.7/site-packages (from pynitrokey) (1.0.0)
Requirement already satisfied, skipping upgrade: cffi in ./.local/lib/python3.7/site-packages (from pynitrokey) (1.14.4)
Requirement already satisfied, skipping upgrade: pyserial in ./.local/lib/python3.7/site-packages (from pynitrokey) (3.5)
Requirement already satisfied, skipping upgrade: ecdsa in ./.local/lib/python3.7/site-packages (from pynitrokey) (0.16.1)
Requirement already satisfied, skipping upgrade: six in /usr/lib/python3/dist-packages (from fido2>=0.8.1->pynitrokey) (1.12.0)
Requirement already satisfied, skipping upgrade: pycparser in ./.local/lib/python3.7/site-packages (from cffi->pynitrokey) (2.20)

pi@raspberrypi:~ $ which nitropy
/home/pi/.local/bin/nitropy

pi@raspberrypi:~ $ sudo nitropy start list
sudo: nitropy: command not found

pi@raspberrypi:~ $ nitropy start list
*** Nitrokey tool for Nitrokey FIDO2 & Nitrokey Start
:: 'Nitrokey Start' keys:

Hey, this looks good, you are nearly there. Let me explain some Linux specifics:

pip3 install -U pynitrokey

correctly installs pynitrokey (and thus the binary nitropy) inside your user's (“pi”) directory: ~/.local/bin/. That directory is also in your PATH (where the system looks for executable binaries), which is what which nitropy tells you …

So if you simply run nitropy start list, things run as expected (at least for the Raspberry Pi). That means you can see that nitropy is starting correctly, but it’s not able to access the USB devices (as stated above, for some reason USB access is not working here for the non-root user), thus you cannot see any devices listed.

If you now run sudo nitropy start list, you try to run nitropy as root, but root has no nitropy available (as you have installed it locally to your user directory ~/.local/bin, which is of course not part of the root user’s PATH).

soooo, long story short:

  • uninstall the user pynitrokey, so run as user pip3 uninstall pynitrokey; this will remove pynitrokey from your user-local directory
  • install pynitrokey as root user: sudo pip3 install pynitrokey (this will install pynitrokey system-wide)
  • now you should be able to run: sudo nitropy start list
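
The lookup difference explained above (found by which for the user, "command not found" under sudo) can be checked directly. The script below is an added example, not part of the original posts or of pynitrokey; the function names are hypothetical and the secure_path value assumes Debian's stock /etc/sudoers.

```shell
#!/bin/sh
# Added example: why `sudo nitropy` is "command not found" although
# `which nitropy` succeeds for the invoking user.

# Debian's stock sudoers secure_path (assumption: /etc/sudoers unmodified).
# sudo searches this list, not the caller's PATH; it deliberately leaves out
# per-user, user-writable directories such as ~/.local/bin.
DEBIAN_SECURE_PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

# resolve_in_path CMD PATHSTRING: print the first executable match, else fail.
# The body is a subshell, so the IFS and globbing changes do not leak out.
resolve_in_path() (
    cmd=$1
    IFS=:
    set -f
    for dir in $2; do
        [ -n "$dir" ] || continue   # empty entry means "current dir"; ignore it
        if [ -f "$dir/$cmd" ] && [ -x "$dir/$cmd" ]; then
            printf '%s\n' "$dir/$cmd"
            exit 0
        fi
    done
    exit 1
)

# diagnose_sudo_lookup CMD USER_PATH [SUDO_PATH]
# Prints: ok:<path> | user-only:<path> | missing
diagnose_sudo_lookup() (
    sudo_path=${3:-$DEBIAN_SECURE_PATH}
    as_user=$(resolve_in_path "$1" "$2") || as_user=""
    as_sudo=$(resolve_in_path "$1" "$sudo_path") || as_sudo=""
    if [ -n "$as_sudo" ]; then
        echo "ok:$as_sudo"
    elif [ -n "$as_user" ]; then
        echo "user-only:$as_user"   # the thread's case: /home/pi/.local/bin/nitropy
    else
        echo "missing"
    fi
)

# Run with a command name to check the current system, e.g.: sh check.sh nitropy
if [ "$#" -gt 0 ]; then
    diagnose_sudo_lookup "$1" "$PATH"
fi
```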

Thank you for the explanation and for the patience with me.

I have now managed to update from version RTM.6 to RTM.10.
