Hallo
Ich habe ein Problem mit einem meiner NK3 A Keys, die “user authentication und desktop login” funktioniert nicht mehr unter Linux Mint. Ich habe bereits ein FIDO2 Factory Reset ausgeführt und ein neur PIN definiert mit dem selben Ergebnis.
Ausgabe nitropy nk3 test:
nitropy nk3 test --pin ********
Command line tool to interact with Nitrokey devices 0.4.40
Found 1 Nitrokey 3 device(s):
- Nitrokey 3 at /dev/hidraw7
Running tests for Nitrokey 3 at /dev/hidraw7
[1/4] uuid UUID query SUCCESS 7868C13D7EB4AA51907ECA3B49AE4A3E
[2/4] version Firmware version query SUCCESS v1.5.0
[3/4] status Device status SUCCESS Status(init_status=<InitStatus.0: 0>, ifs_blocks=74, efs_blocks=478, variant=<Variant.LPC55: 1>)
Please press the touch button on the device ...
[4/4] fido2 FIDO2 FAILURE 'x5c'
4 tests, 3 successful, 0 skipped, 1 failed
Summary: 1 device(s) tested, 0 successful, 1 failed
Critical error:
Test failed for 1 device(s) here
Auszug ‘/tmp/nitropy.log.3j05awmw’:
197 INFO pynitrokey.cli Timestamp: 2023-10-14 22:09:19.612227
197 INFO pynitrokey.cli OS: uname_result(system='Linux', node='degone', release='6.2.0-34-generic', version='#34~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Thu Sep 7 13:12:03 UTC 2', machine='x86_64')
197 INFO pynitrokey.cli Python version: 3.10.12
197 INFO pynitrokey.cli Cli arguments: ['nk3', 'test', '--pin', '[redacted]']
198 INFO pynitrokey.cli pynitrokey version: 0.4.40
199 INFO pynitrokey.cli cryptography version: 39.0.2
199 INFO pynitrokey.cli ecdsa version: 0.18.0
200 INFO pynitrokey.cli fido2 version: 1.1.1
200 INFO pynitrokey.cli pyusb version: 1.2.1
201 INFO pynitrokey.cli spsdk version: 1.10.1
202 INFO pynitrokey.cli.nk3.test platform: Linux-6.2.0-34-generic-x86_64-with-glibc2.35
202 INFO pynitrokey.cli.nk3.test uname: uname_result(system='Linux', node='degone', release='6.2.0-34-generic', version='#34~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Thu Sep 7 13:12:03 UTC 2', machine='x86_64')
390 INFO libusbsio Loading SIO library: /home/**/.local/pipx/venvs/pynitrokey/lib/python3.10/site-packages/libusbsio/bin/linux_x86_64/libusbsio.so
392 INFO libusbsio HID enumeration[94489173171648]: initialized
PermissionError: [Errno 13] Permission denied: '/dev/hidraw6'Traceback (most recent call last):
File "/home/deg/.local/pipx/venvs/pynitrokey/lib/python3.10/site-packages/fido2/hid/linux.py", line 98, in list_descriptors
devices.append(get_descriptor(hidraw))
File "/home/deg/.local/pipx/venvs/pynitrokey/lib/python3.10/site-packages/fido2/hid/linux.py", line 55, in get_descriptor
with open(path, "rb") as f:
458 DEBUG fido2.hid.linux Failed opening device /dev/hidraw3531 DEBUG root print: Found 1 Nitrokey 3 device(s):
531 DEBUG root print: - Nitrokey 3 at /dev/hidraw7
531 DEBUG root print: Running tests for Nitrokey 3 at /dev/hidraw7
539 DEBUG root print: [1/4] uuid UUID query SUCCESS 7868C13D7EB4AA51907ECA3B49AE4A3E
547 DEBUG root print: [2/4] version Firmware version query SUCCESS v1.5.0
555 INFO pynitrokey.cli.nk3.test Device status: Status(init_status=<InitStatus.0: 0>, ifs_blocks=74, efs_blocks=478, variant=<Variant.LPC55: 1>)
555 DEBUG root print: [3/4] status Device status SUCCESS Status(init_status=<InitStatus.0: 0>, ifs_blocks=74, efs_blocks=478, variant=<Variant.LPC55: 1>)
1633 DEBUG fido2.server Fido2Server initialized for RP: PublicKeyCredentialRpEntity(name='Example RP', id='example.com')
1634 DEBUG fido2.server Starting new registration, existing credentials:
1636 DEBUG root print: Please press the touch button on the device ...
1637 DEBUG fido2.client Register a new credential for RP ID: example.com
1855 DEBUG fido2.ctap2.pin Got PIN token for permissions: None
1855 DEBUG fido2.ctap2.base Calling CTAP2 make_credential
2119 DEBUG fido2.hid Got keepalive status: 02
2367 DEBUG fido2.hid Got keepalive status: 02
2615 DEBUG fido2.hid Got keepalive status: 02
2867 DEBUG fido2.hid Got keepalive status: 02
3115 DEBUG fido2.hid Got keepalive status: 02
3363 DEBUG fido2.hid Got keepalive status: 02
3615 DEBUG fido2.hid Got keepalive status: 02
3863 DEBUG fido2.hid Got keepalive status: 02
4111 DEBUG fido2.hid Got keepalive status: 02
4363 DEBUG fido2.hid Got keepalive status: 02
4611 DEBUG fido2.hid Got keepalive status: 01
4805 ERROR pynitrokey.cli.nk3.test An exception occured during the execution of the test fido2:
Traceback (most recent call last):
File "/home/deg/.local/pipx/venvs/pynitrokey/lib/python3.10/site-packages/pynitrokey/cli/nk3/test.py", line 375, in run_tests
result = test_case.fn(ctx, device)
File "/home/deg/.local/pipx/venvs/pynitrokey/lib/python3.10/site-packages/pynitrokey/cli/nk3/test.py", line 304, in test_fido2
cert = make_credential_result.attestation_object.att_stmt["x5c"]
KeyError: 'x5c'
4806 DEBUG root print: [4/4] fido2 FIDO2 FAILURE 'x5c'
4806 DEBUG root print: 4 tests, 3 successful, 0 skipped, 1 failed
4806 DEBUG root print: Summary: 1 device(s) tested, 0 successful, 1 failed
4806 DEBUG root print: Critical error:
4806 DEBUG root print: Test failed for 1 device(s)
4806 DEBUG root listing all connected devices:
4811 DEBUG root :: 'Nitrokey FIDO2' keys
4811 DEBUG root :: 'Nitrokey Start' keys:
4840 DEBUG root :: 'Nitrokey 3' keys
Beim Versuch die pamu2fcfg
Keys zu generieren:
pamu2fcfg > ~/.config/Nitrokey/u2f_keys
Enter PIN for /dev/hidraw7:
error: fido_cred_verify (-7) FIDO_ERR_INVALID_ARGUMENT
Hoffe ihr könnt mi weiterhelfen, danke!