
From: Rubén Llorente <porting@use.startmail.com>
Subject: Re: [NEW]: security/nitrocli
To: ports@openbsd.org, Stuart <stu@spacehopper.org>, "Kirill A. Korinsky" <kirill@korins.ky>
Date: Sun, 10 Nov 2024 09:38:00 +0000

Kirill A. Korinsky wrote:

> Without giving enough permissions, the list command returns instantly:
> 
>      No Nitrokey device connected
> 
> When I run it as root, it had the same behaviour with blocking.
> 
> BTW I see the key via gpg --card-status. So, something works.
> 
> I've tried to stop pcscd and kill gpg-agent, it doesn't help.
> 
> and when I plug it in I do have these lines:
> 
>      uhidev0 at uhub0 port 2 configuration 1 interface 1 "Nitrokey Nitrokey 3" rev 2.10/1.07 addr 2
>      uhidev0: iclass 3/0
>      fido0 at uhidev0: input=64, output=64, feature=0
>      ugen0 at uhub0 port 2 configuration 1 "Nitrokey Nitrokey 3" rev 2.10/1.07 addr 2
> 
> which is almost the same as what I have when I replace it with a YubiKey:
> 
>      uhidev0 at uhub0 port 2 configuration 1 interface 0 "Yubico YubiKey FIDO+CCID" rev 2.00/5.10 addr 2
>      uhidev0: iclass 3/0
>      fido0 at uhidev0: input=64, output=64, feature=0
>      ugen0 at uhub0 port 2 configuration 1 "Yubico YubiKey FIDO+CCID" rev 2.00/5.10 addr 2
> 
> and this Nitrokey is seen by the system as:
> 
>      addr 02: 20a0:42b2 Nitrokey, Nitrokey 3
>               full speed, power 100 mA, config 1, rev 1.07
>               driver: uhidev0
>               driver: ugen0
> 

Thanks for the report. Definitely, running the command as root should
solve the permission issues.

This makes me wonder if nitrocli actually supports the Nitrokey 3. The
documentation for the software is not very explicit but it links to the 
Nitrokey Pro 2, the Nitrokey Storage 2, and Librem Key pages.

The Nitrokey people have an actual official Python implementation for
managing their products via CLI. You may try to play with that one. The 
Nitro-app GUI application could also be persuaded into compiling last 
time I checked, but it came with caveats - it had a tendency to freeze 
if you unplugged the Nitrokey while the App was running, I think.

I am going to test my nitrocli port against a recent -current this 
Tuesday, just in case the port got broken somehow, but my hunch is
modern devices simply don't work with this libnitrokey implementation.