I’ve been using the NK2 Pro for around two years now for PGP, SSH and OTP / PW storage in the past and it worked well so far after my initial setup.
Recently I’ve received the NK3 which I’m now using for SSH and FIDO2 and it’s also working well, at least when using by itself.
However, for PGP I still have to rely on the NK2 Pro and whenever I’m trying to execute any PGP operation after I’ve used the NK3 it fails and I get an error message stating decryption failed: no secret key
. If I do the same operation after re-plugging both Keys (without using the NK3 prior to that) it works normally … until I use the NK3 again and then the error starts again.
The other way around it’s the same. If I first do some PGP operation using the NK2 Pro and I then try to use the NK3 it fails. (for example nitropy nk3 list
I get critical error: An unahndled exception occured Exception encountered: TimeoutError(110, 'Connection timed out')
) And looking at the /tmp/nitrpy.log.*
file looks like there is some permission issue:
444 DEBUG fido2.hid.linux Skip device: [Errno 13] Permission denied: '/dev/hidraw3'
444 DEBUG fido2.hid.linux Found CTAP device: /dev/hidraw0
444 DEBUG fido2.hid.linux Skip device: [Errno 13] Permission denied: '/dev/hidraw12'
444 DEBUG fido2.hid.linux Skip device: [Errno 13] Permission denied: '/dev/hidraw11'
444 DEBUG fido2.hid.linux Skip device: [Errno 13] Permission denied: '/dev/hidraw7'
444 DEBUG fido2.hid.linux Skip device: [Errno 13] Permission denied: '/dev/hidraw13'
444 DEBUG fido2.hid.linux Skip device: [Errno 13] Permission denied: '/dev/hidraw14'
444 DEBUG fido2.hid.linux Skip device: [Errno 13] Permission denied: '/dev/hidraw9'
444 DEBUG fido2.hid.linux Skip device: [Errno 13] Permission denied: '/dev/hidraw8'
444 DEBUG fido2.hid.linux Skip device: [Errno 13] Permission denied: '/dev/hidraw6'
444 DEBUG fido2.hid.linux Skip device: [Errno 13] Permission denied: '/dev/hidraw4'
444 DEBUG fido2.hid SEND: fffffffxxxxxxxxxxxxdddmkhhhhgggff
5630 WARNING pynitrokey.cli An unhandled exception occurred
even though I’ve copied & applied the 41-nitrokey.rules
into /etc/udev/ruled.d
If I do the same command without any PGP operation prior with the NK2 Pro it works absolutely fine.
I was wondering: is anyone else having this issue? Or is this a misconfiguration on my side?
edit: I am on arch linux on kernel 5.17.3, gpg version 2.2.35, nitrocli 0.4.1, libnitrokey v3.7, nitropy 0.4.21