Using the Nitrokey 3 via NFC reader under Linux

Hi!

After finally receiving my NK 3C-NFC, I tried to use it on my Linux work machine, where I have no USB-C port, but a connected NFC smart card reader.
Using pcsc_scan, the NK is detected, although it seems a little inconsistent:

  • When I am not putting a finger on the key when putting it on the reader, it immediately disconnects again. Is this expected behavior tying into a ‘touch-confirmation’ feature?
  • Every once in a while, the key is not showing up in pcsc_scan at all any more, then the only thing to bring it’s NFC back seems to be to connect it to my phone’s USB-C port for a short while.

However, even if pcsc_scan reports a stable NFC connection, nitropy list is not showing any keys, even when starting it with sudo privileges.

Has anyone insight into what might be cause for the unreliable NFC connection?
Are there people out there who have successfully used a NK-NFC with a Linux NFC reader?

I have now had access to a PC with a USB-C port, and was able to list the device and upgrade the firmware to 1.0.2 using the nitropy tool.

However still no luck with the NFC interface, I also tested it with the smartphone of two friends, and could not get it to be recognized, whereas competing tokens worked without issues.

While willing to help debug the issue (at least until the return window is closing), I am kind of loosing faith in the NFC functionality of my NK-3C. :confused:

Hi!

  1. We are working on v1.0.4 release, where the USB communication (and potentially NFC) is improved, which might be tied with losing the connection issue you have.
  2. I will ask what NFC readers were tested with Nitrokey 3.
  3. I will confirm if nitropy list works with NFC readers (I expect so).

Forgot to mention, that one side of the Nitrokey 3 is more susceptible to NFC signal than the other. See more troubleshooting documentation here:

Yeah, the side-preference is something I’ve also seen in testing, although as opposed to the product images my token is lacking any kind of printing. But even then it is not giving me reproducible results. Even if I put the same, “good” side onto the reader a connection might be established, might be resetting constantly, or the reader might not detect the NFC device at all. As described, in the later case I can only revive the NFC detection by connecting the token via USB to a host device. For me it seems like there is some kind of state-machine lockup happening, or another condition which makes the token undetectable for the NFC reader sporadically. However, other tags, tokens and smart cards continue to work even in between detection issues, so I would not suspect any problems with the reader or my host software.
I am using a CCID driver compatible “Cherry Secure Board 1.0” keyboard with a NFC reader cradle, which makes it easier to place the token repeatedly in the same position on the reader, but to little or no success.