Some problems with Nitrokey 3

Hello everyone
I have recently bought a Nitrokey 3 NFC, I have several doubts (I have tried in MAC OSX and Linux UBUNTU, same problems)

1.- When I run nitropy nk3 test --pin 1234567, I receive this result and I don’t know if it is correct (in BOLD):
xxxxxxxxx@MBP-dxxxxxx ~ % nitropy nk3 test --pin xxxxxxxx
Command line tool to interact with Nitrokey devices 0.4.45
Found 1 Nitrokey 3 device(s):

  • Nitrokey 3 at 4294982472

Running tests for Nitrokey 3 at 4294982472

[1/5] uuid UUID query SUCCESS XXXXXXXXXXXXXXXXXXXXXXXX
[2/5] version Firmware version query SUCCESS v1.6.0
[3/5] status Device status SUCCESS Status(init_status=<InitStatus: 0>, ifs_blocks=36, efs_blocks=473, variant=<Variant.LPC55: 1>)
Running SE050 test: |
[4/5] se050 SE050 SKIPPED Testing SE050 functionality is not supported by the device
Please press the touch button on the device…
Please press the touch button on the device…
[5/5] fido2 FIDO2 SUCCESS

5 tests, 4 successful, 1 skipped, 0 failed

2.- Other problem is with PGP:
gpg --card-status
gpg: selecting card failed: Operation not supported by device
gpg: OpenPGP card not available: Operation not supported by device

All apps are in the last versión available, I have searched in FAQ and the solutions don´t solve the 2nd problem
Thanks in advance

In production firmware secure element is not implementet,

Ok, thanks for your reply, but the other problem any suggestion?

2.- Other problem is with PGP:
gpg --card-status
gpg: selecting card failed: Operation not supported by device
gpg: OpenPGP card not available: Operation not supported by device

I have read this post: MacOS 10.11.6: gpg --card-status = Operation not supported by device but the problem for me is the same in MAC OSX and Linux

Please see here

I am very new to this too, my hint there are rival driver/services about the usb-stick.

https://support.nitrokey.com/t/nitrokey-3-and-opensc-pkcs-11-linux/4981

May be reading this will help.

Thanks for your answers but I don’t understand why I have the same problem with gpg on three different operating systems, MAC OSX, Linux Ubuntu and Tail OS, every time I execute the command:

gpg --card-status
gpg: selecting card failed: Operation not supported by device
gpg: OpenPGP card not available: Operation not supported by device

Thanks, but it very complicated for me, I bought Nitrokey thinking that it would be easier to configure, but I see that I have to be an advanced programmer and install applications, some of which are not stable, to be able to make it work. I think this is not available to everyone, I chose Nitrokey because it was open source, but maybe I regretted it and should have bought a Yubikey…

It is, in Linux and Win openpgp works with Kleopatra, in Win you install it automaticly with gpg4win, but first take a look at:
OpenPGP smartcard with GnuPG on Fedora
or
OpenPGP Troubleshooting
or
OpenPGP Troubleshooting

1 Like

I have installed Kleopatra on a PC with Windows 11, bored that NitroKey does not work on MAC or Linux and it doesn’t work either, I connect Nitrokey to the USB port and Windows detects it as an “unknown card” then I open Kleopatra and it doesn’t recognize the NitroKey 3 either. that I give it to recharge.
In Linux, every time I try to install an app for it to work, it asks me to install other dependencies and those others too, total a loop…
I’m already a little tired of this being so complicated, I don’t know if this device is defective or if we have to study engineering to handle it…

I am really sorry for wasting my time and money.
Thanks for your help
Greetings

I know how you feel, but opening post shows, stick is working.
Here old laptop win10 key shows up as Nitrokey 3 and a Smartcard.
May be you check usb https://docs.nitrokey.com/software/nitropy/windows/installation.html?highlight=libusb#known-issues

Hi,

Was OpenPGP ever detected on the device? If so, what action did you perform on the device before gpg failed to accept the device?

On linux, can you please try to use pcscd. and install OpenSC’s openpgp-tool, and try running opengpg-tool -C ?

Best,
Sosthène

Hi,

I’m experiencing the same issue with a new bought Nitrokey. The output of opengpg-tool -C with a Nitrokey 3A NFS inserted is:

Using reader with a card: Nitrokey Nitrokey 3 [CCID/ICCD Interface] 00 00
Failed to connect to card: Card is invalid or cannot be handled
error: failed to connect to card: Card is invalid or cannot be handled
Aborting.

When I insert a Yubikey, the output of opengpg-tool -C is:

Using reader with a card: Yubico Yubikey NEO OTP+U2F+CCID 00 00
AID:             d2:76:00:01:24:01:02:00:00:06:03:81:14:60:00:00
Version:         2.0
Manufacturer:    Yubico
Serial number:   03811460

Therefor, I assume the problem is with the Nitrokey.

Best,

Kostas

1 Like

Hi,

I’m experiencing the same issue with a new bought Nitrokey. The output of opengpg-tool -C with a Nitrokey 3A NFS inserted is:

Using reader with a card: Nitrokey Nitrokey 3 [CCID/ICCD Interface] 00 00
Failed to connect to card: Card is invalid or cannot be handled
error: failed to connect to card: Card is invalid or cannot be handled
Aborting.

This appears to be a problem that has already been reported on this forum.

You can find instruction for a fix here. We are working on making this state recoverable with the stable firmware.

Could you please describe the actions you took with the device that lead to it being in this state? This is not a state that should normally happen.

Did you attempt to factory-reset your device before it got into this state?

Best,
Sosthène

Hi Sosthène,

Thanks, the problem has been solved. I indeed did attempt to factory-reset the device before it got in this state. If you need any additional information, let me know.

Best,

Kostas

indeed did attempt to factory-reset

Thank you.

Did anything particular happen during this?

To quickly explain the problem:

The factory reset operation is in 2 steps. The first step “locks” the device, the second step deletes everything before re-enabling the device. This is how the standard is designed.

Both operations are normally done right after each other, but if for some reason the second is not done, the devices gets in a sort of “intermediary” state.

There is currently a bug with the 1.6.0 firmware where if the device is disconnected while in this state, the second step will not work. A fix is on the way.

Did you unplug the device during the factory reset, or did the factory reset just fail without reason?
If it failed without reason, we probably have a second bug to look for.

Thanks,
Sosthène.

Hi Sosthène,

Most probably I was impatient and unplugged the Nitrokey before step 2. If I remember correctly, I was asked to touch the Nitrokey but there was a timeout / nothing happened.

Best,

Kostas

Solved,

  • Factory Reset
  • Installed Test firmware release
  • WORKS!