Secure key

hello all,

I’ve generated pub and priv key. uploaded the pub key on keys.gnupg.net

when i go to my second computer for use the nitrokey I do this step :

nsa38.casimages.com/img/2016/09/30/160930122238254506.png

nsa38.casimages.com/img/2016/09/30/160930122424982400.png

i do the GPG --card-edit + fetch

nsa38.casimages.com/img/2016/09/30/160930122631524423.png

but the pin code is not asked to me !

so if someone find the card because i’ve lost it, he can use my private key !

Can you help me ?

Thx a lot.

The fetch command does download the public key that matches your private key on the Nitrokey from the URL you specified
and adds it to the keyring of your computer.

The fetch command does NOT access your private key or change anything on the card so there is no need to query a PIN.

Even though the parameter --card-edit looks like allowing to edit the card’s settings without asking for a PIN
this is not the case. The PIN is asked just before you really change something.

Just try gpg --card-edit
and enter the command “admin > name” then
and change your name that is stored in the card. It will ask for a PIN (or you really have a problem :wink:

thx for your reply !

I confirm your wirte !

But now i’ve a problem the card is locked !

nsa37.casimages.com/img/2016/09/30/160930031629960965.png

How can i unlock it ?

What did you do to lock your card? Have you entered the wrong user PIN three times?

Please check the “PIN retry counter(s)” with

The reset code for the card could be the admin PIN which is by default 12345678
(see the FAQ entry nitrokey.com/documentation/frequently-asked-questions#what-is-the-default-pinpassword).
Please enter your admin PIN if you have changed it (NOT the default!).

Try this just once! After three retry failures you have to reset your Nitrokey completely using this instructions:
nitrokey.com/documentation/frequently-asked-questions#how-to-reset-a-nitrokey

nsa38.casimages.com/img/2016/09/30/160930041136338499.png

I don’t change it so, it’s 12345678 i’ve used.

Thx very mutch for your help

BTW: Which smartcard are you using? The manufacturer “unmanaged S/N range” does not look like a Nitrokey (which doesn’t matter to answer your questions of course :slight_smile:`

nsa38.casimages.com/img/2016/09/30/160930043156516706.jpg

the photo of my card ! :smiley:

Are you aware of the different user and admin PINs? The default user PIN is 123456 but not 12345678. If you enter a wrong admin PIN three times and didn’t prepare a public key for firmware update, there is no way to reset your Nitrokey Start.