Hello,
I would like to use a nitrokey hsm in a docker container. I use ubuntu20.04 on my host.
I tried the following Dockerfile as example:
FROM ubuntu
RUN apt update && apt install -y openssl libssl-dev opensc p11-kit pcsc-tools
CMD [ "bash" ]
Then I build the Image:
docker build -t test:latest ./
Run it:
docker run --rm --privileged -v /dev:/dev --cap-add=ALL -it test:latest
And then tried to use it in the container on the bash:
root@a337:/# pkcs15-tool -D
No smart card readers found.
root@a337:/# pkcs11-tool --module /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so -l --pin abcd1234 --list-objects
No slots.
root@a337:/# service pcscd start
root@a337:/# pcsc_scan
Using reader plug'n play mechanism
Scanning present readers...
Waiting for the first reader...
(It does not find a reader, scans for ever)
root@a337:/# p11-kit list-modules
.... It does not list the hsm.
root@a337:/# dmesg | tail
[77730.802622] usb 2-2: new full-speed USB device number 9 using ohci-pci
[77731.119273] usb 2-2: New USB device found, idVendor=20a0, idProduct=4230, bcdDevice= 1.01
[77731.119275] usb 2-2: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[77731.119276] usb 2-2: Product: Nitrokey HSM
[77731.119277] usb 2-2: Manufacturer: Nitrokey
[77731.119278] usb 2-2: SerialNumber: xxxxx
And I can find the usb in /dev/bus/usb/002/009
If I try all the commands on my host, not in the container, all the commands work.
Ahha Sorry I missed mentioning that already tried all the steps mentioned in : Use Nitrokey HSM in Docker container, but it didn’t work for me, let me get back to you with more details