❯ sudo openpgp-tool -K -vv
No smart card readers found.
P:524087; T:0x139775920576512 19:00:49.087 [openpgp-tool] ctx.c:931:sc_release_context: called
error: failed to connect to card: No readers found
Aborting.
❯ cat scdaemon.conf
log-file /tmp/scd.log
debug 0xffff
disable-ccid
❯ cat /tmp/scd.log
cat: /tmp/scd.log: No such file or directory
❯ lsusb | rg -i nitro
Bus 001 Device 023: ID 20a0:42b2 Clay Logic Nitrokey 3
❯ ps aux | rg 'scdaemon|pcsd'
matiu 524000 0.0 0.0 94376 3072 ? SLl 19:00 0:00 scdaemon --multi-server
I just did another update to v1.6.0 but still no luck:
❯ nitropy nk3 update
Command line tool to interact with Nitrokey devices 0.4.43
Do you want to download the firmware version v1.6.0? [Y/n]: y
Download v1.6.0: 100%|███████████████████████████████████████████████████████████████████████████████████| 909k/909k [00:00<00:00, 6.86MB/s]
Current firmware version: v1.5.0
Updated firmware version: v1.6.0
Please do not remove the Nitrokey 3 or insert any other Nitrokey 3 devices during the update. Doing so may damage the Nitrokey 3.
Do you want to perform the firmware update now? [y/N]: y
Please press the touch button to reboot the device into bootloader mode ...
Perform firmware update: 100%|███████████████████████████████████████████████████████████████████████████| 461k/461k [00:05<00:00, 87.5kB/s]
Finalize upgrade: 100%|████████████████████████████████████████████████████████████████████████████████████| 100/100 [00:01<00:00, 59.13%/s]
Ok, we are almost there. For openpgp-tool test, you cannot run scdaemon. Make sure gpg-agent and scdaemon are not running at the time you are testing with openpgp-tool.
For example, start your system clean, make sure pcscd is running or gets started and without touching GPG try openpgp-tool.
After this, you can try gpg --edit-card and then /tmp/scd.log should get created. pcscd should be running at the time you access the smartcard, so you will probably have gpg-agent, scdaemon and pcscd running.
I like running pcscd -adf in the foreground to see live commands sent to the smartcard when troubleshooting. This log will contain your PINs and other possibly secret things, so be careful when sharing. But I don’t know the details if your system - you might need to disable system-level pcscd to do something like this.
I started with a clean boot. I checked that gpg-agent and scdaemon hadn’t started. I killed and restarted pcscd a few times. I dumped the log with sudo pcscd -adf 2>&1 | tee pcscd.log
Once pcscd was running I ran gpg --edit-card and got the same issues.
In ~/.gnupg/scdaemon.conf I have disable-ccid from some forum post.
You could try using the latest experimental v1.6.0-test.20231218 release, which has support for openpgpg factory reset through nitropy . nitropy nk3 factory-reset-app opcard --experimental, and also a full-device factory-reset: nitropy nk3 factory-reset --experimental.
This should not happen. The OpenPGP standard mechanism for factory-reset is performed in 2 steps. GnuPG however does not seem to properly handle the case where only one step has been performed.
APDU: 00 A4 04 00 06 D2 76 00 01 24 01
SW: 62 85
Confirm that this is the error. The experimental nitropy factory-reset functionality does not go through the standard mechanism for factory-reset, and should not be affected by this issue.
He pointed you to new nitropy commands to do a factory reset of the key. Since your last attempt the firmware has progressed, so you can update the key firmware to the latest stable release and perform a factory reset to try again fresh.
