Unable to boot Nitropad anymore

NitroPad, NitroPC
#1

So running into this problem:

  1. Boot
  2. Get the error invalid signature on kexec boot parameter
  3. Go to options >> update checksums and sign files
  4. When I get told to enter my pin I have two issues
  • Is the pin the same as my admin pin? (Elsewhere in the bootup it specified admin pin for something different)
  • I have used up my 5 attempts and I have no idea how to reset my pin now.

Any tips for the last 2 qs please?

#2

There is a

  • User PIN, used for signing files
  • Admin PIN, used for administrative tasks like creating a new key pair or resetting User PIN
  • Reset Code, when this was created, it can be used to reset User PIN

Have also a look at the documentation.

After an update, the files need to be verified and signed when they cannot have been tampered with. This is done with the User PIN.

On Nitrokey Start, there is also an option of admin-less mode depending on how the key was initialized. Then the same PIN is used for both.

The User PIN can be reset using the Admin PIN or a Reset Code or by factory reset of the Nitrokey. Depending on whether the RSA Key is used anywhere else and in case of Nitrokey Storage, whether there is valuable data on the key, the latter option might be used carefully as key/data might be lost.

Booted e.g. from a Linux Live CD with gnupg2 available, you could unblock the User PIN via

$ gpg --card-edit
> admin
> passwd
> 2 - unblock PIN

It would be helpful to see gpg --card-status output to see the current PIN counters.

1 Like