I am trying to use the Nitrokey Pro 2 to serve as authentication for Veracrypt containers following these directions. When using PKCS#11 library, I am unable to store the generated Keyfile in Slot ([0] User PIN), only Slot 2 which, while does allow the use of the Nitrokey to decrypt containers, doesn’t require the use of the PIN so all that’s required is the Nitrokey is plugged into the computer. Not ideal, but certainly convenient!
When I went back and tried to use OpenSC, I was (eventually) able to find the right .so file and proceed with the Keyfile generation. When I went to import the keyfile, Slot 0 and Slot 1 were both available! However, even the 64 bit keyfile returned the following error:
The security token does not have enough memory/space to perform the requested operation.
If you are attempting to import a keyfile, you should select a smaller file or use a keyfile generated by VeraCrypt (select 'Tools' > 'Keyfile Generator').
I’m unsure what to do at this point. I’m assuming that means that I cannot use any file in Slot 0. Out of curiosity, I also tried to use a text file of the exported public key that is already on my Nitrokey and it returned the same error.
Ideally, I’d like to be able to have a VeraCrypt container that can be decrypted using the Nitrokey with the input of my PIN, but if I can’t use the PIN I guess just the Nitrokey alone will suffice.
Any suggestions would be appreciated!