Nitrokey Pro2 fails to work with OpenKeyChain

commandline · February 5, 2019, 8:22pm

Dear,

Following a few attempts i create this topic.

Installed OpenKeyChain on Android 8.x
Inserted NitroKeyPro2 using USB OTG
Chose steps to create keys and such
Removed USB key upon request to do so

Was requested to hold the USB key close to the NFC reader

However, the NKP2 USB key does not appear to support any NFC

nitroalex · February 8, 2019, 8:48am

Hi,

the note to hold the USB key to the NFC can be ignored. You use the OTG to achieve this and the Pro does not have NFC.

Kind regards
Alex

commandline · February 8, 2019, 1:46pm

Thanks.

There are multiple NFC responses. Simply put, openkeychain does not work well with nitrokey as it is not specifically supported.

It is truly concerning Nitrokey has rudimentary apps for many OS (Pro2 and Storage) but not dedicated apps to make it work well.

I was able to figure out how to use the Pro2 to authenticate with Protonmail. Then again, i do require a pc to be able to use it as U2F token since no such app is avaible yet.

I’ve come across Krypton Authenticator (krypt.co) but this also does not work with Nitrokey and/or protonmail or other non preconfigured.

Br,

Joris

(Attachment publickey - registered@commandline.be - 0x56C26C9B.asc is missing)

nitroalex · February 8, 2019, 2:13pm

Hi Joris,

Nitrokey Start, Pro and Storage are supported by Openkeychain (officially). And I tested it. The picture shown in the App may be not accurate though.

I do not understand what you mean, sorry.

Kind regards
Alex

commandline · February 8, 2019, 3:40pm

Hi Alex,

Sorry if i’m wrong but i could not find how to make this work thus far.

I have no use for the pro2 since i cannot use it as OTP device on Android. Since no app supports it, for that i need a desktop OS, since the app is supported in that case.

I have not use for the FIDO U2F since neither does it have an app for which there is use on Android.

Hence my reference to Krypt.co which does appear to offer a potential solution but has no support for Nitrokey yet.

Br,

Joris

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐

Op vrijdag, februari 8, 2019 3:23 PM, Nitrokey Support noreply@nitrokey.com schreef:

(Attachment publickey - is missing)

nitroalex · February 8, 2019, 4:28pm

Hi Joris,

I see. I misunderstood you. OpenKeychain is not for use as a OTP client but for the OpenPGP keys on the Nitrokey.

There is currently no way to use the OTP on Android that is right.

The Nitrokey FIDO U2F should work on Android with the Google Authenticator, but I couldn’t test yet.

Kind regards
Alex

commandline · June 11, 2020, 11:57am

Hey Alex,

I understand.

Please have a look at https://play.google.com/store/apps/details?id=de.cotech.hw.fido.browser This demonstrates U2F FIDO2 working withouth an issue on Android.

Sadly, Bitwarden and other are adamant not to support this.