Nitrokey Storage 2 - Gentoo Kernel issues

Nitrokeys
1

Hello!

I recently purchased a Nitrokey storage 2, loving it so far. I’m already using it to boot off.

However, there is one thing that is bugging me about it.
Whenever the stick is connected, I get the following messages in dmesg (looping again and again): https://pastebin.com/TQEgR25y
And here is the really strange thing: The NK works as expected. I can do everything with it - Unlocking, Reformatting, Mounting, everything works!

As soon as I unplug it, the messages stop again, so it has to be that.

I already tried to look in the kernel config for debugging options, did not find anything. Is there a list of things that need to be enabled for it to work properly? I could not find anything on the website, but I am happy to RTFM and report back if someone links me to it.
~ uname -r
5.4.28-gentoo

Any help is greatly appreciated, no need to rush it though, everything works here, just a minor inconvenience. Thanks!

2

Hi @jochen17!

I am glad you like it!

At first glance I thought you have built kernel with extended debug output enabled, but I see 3 entries with content -- transport indicates command failure. I am not sure whether these are critical errors disrupting the normal usage (especially while it seems it works for you). Will check, whether on the shipped kernels are any errors like that.
Can you try to use another kernel on your workstation?

3

I can’t try a different Kernel, but on my Ubuntu laptop these Issues are not there. (I did not test whether it works though).
If you want, I can try a live version of Ubuntu on my workstation, so that I have the same hardware.

But I am certain that I just forgot to compile something into the kernel, or some similar gentoo-related problem.

The only time issues happen is when I use nitrocli in combination with the nitrokey-app. This is expected however (You can’t just lock the NK while nk-app is working on it, and so on), so probably not the cause of my issue.
It does feel a bit “buggy” sometimes, but that might just be me trying to do things too quickly - I use a shell script to unlock an encrypted partition, maybe forget it to close sometimes, and so on. Stuff that the nitrokey-app probably checks for, but nitrocli (and by extension my shellscript) does not. Unplugging fixes it.

The messages happen as soon as I plug it in, without doing anything.

4

Hi!

  1. If you could confirm on your own hardware that the messages are not shown, that would be ideal, as it would isolate the OS environment completely in the test, and prove the hardware is not faulty.
  2. Regarding the kernel I wonder, have you just not enabled verbose log accidentally, since it seems to work for you. I cannot help in that matter further unfortunately, especially while my Gentoo usage times was long ago. I do not know the direct dependencies for the kernel either; maybe I would say that scsi, usb, mass-storage, usb-storage, uas, input, hid-generic/hid/hidraw or similarly named modules would suffice, but I can’t confirm that.
  3. Indeed the nitrocli and Nitrokey App applications compete with each other, as the underlying libnitrokey accesses the device exclusively, hence they cannot be used at the same time. It should result in the same behavior though, since all device/firmware specific workarounds should be handled in the mentioned library.
  4. To improve Nitrokey Storage performance you could try to disable smart card using applications, e.g. OpenSC daemon (pcscd), since it accesses the smart card and competes with device’s internal use over it (e.g. when the Encrypted Volume is unlocked).
5
  1. Right, I will try it out over the weekend!
  2. I will try to have a look at these, I’ll report back if I find some things. It probably is something debugging related, but the transport indicates command failure part irritated me.
  3. Yeah, as I said, I am confident that as soon as I stop running my unlock script 50 times in a row, it will work properly.

Thanks for the help so far, really appreciated!

1 Like
6

I did try it out over the weekend, Ubuntu 20 has no issues on my hardware so it probably really is my kernel config…
I think I’ll play with the parameters a bit, maybe I’ll find something!

1 Like
7

I found the option in the kernel config, after using xconfig instead of menuconfig.

The parameter was called CONFIG_USB_STORAGE_DEBUG:

disabled
disabled974×656 77.1 KB

After disabling this and rebuilding, everything is running fine!

Thanks for the help!

1 Like