"Jeremie Courreges-Anglas" <j...@wxcvbn.org> writes:
>
> Indeed, it looks like there was some regression in scdaemon. Can you
> please confirm that your yubikey was usable and useful with
> gnupg-2.2.41?
>
Yes, it was and it is now working again after reinstalling gnupg-2.2.41
using ports.
>
> With a borrowed and otherwise virgin (I think) Yubikey 5 NFC with
> firmware version 5.1.2, I get:
>
> shannon ~$ usbdevs -v
> [...]
> addr 04: 1050:0407 Yubico, YubiKey OTP+FIDO+CCID
> full speed, power 30 mA, config 1, rev 5.12
> [...]
> shannon ~$ ykman info
> WARNING: No OTP HID backend available. OTP protocols will not function.
> ERROR: Unable to list devices for connection
> Device type: YubiKey 5 NFC
> Serial number: <REDACTED>
> Firmware version: 5.1.2
> Form factor: Keychain (USB-A)
> Enabled USB interfaces: OTP, FIDO, CCID
> NFC transport is enabled.
>
> Applications USB NFC
> OTP Enabled Enabled
> FIDO U2F Enabled Enabled
> FIDO2 Enabled Enabled
> OATH Enabled Enabled
> PIV Enabled Disabled
> OpenPGP Enabled Enabled
> YubiHSM Auth Not available Not available
>
> shannon ~$ LC_ALL=C.UTF-8 gpg --card-status
> Reader ...........: Yubico YubiKey OTP FIDO CCID 00 00
> Application ID ...: <REDACTED>
> Application type .: OpenPGP
> Version ..........: 2.1
> Manufacturer .....: Yubico
> Serial number ....: <REDACTED>
> Name of cardholder: [not set]
> Language prefs ...: [not set]
> Salutation .......:
> URL of public key : [not set]
> Login data .......: [not set]
> Signature PIN ....: not forced
> Key attributes ...: rsa2048 rsa2048 rsa2048
> Max. PIN lengths .: 127 127 127
> PIN retry counter : 3 0 3
> Signature counter : 0
> Signature key ....: [none]
> Encryption key....: [none]
> Authentication key: [none]
> General key info..: [none]
Was that output using gnupg-2.4.3?
My Yubikey has a newer firmware (5.4.3). Here is what I get:
$ usbdevs -v
[...]
addr 03: 1050:0406 Yubico, YubiKey FIDO+CCID
full speed, power 30 mA, config 1, rev 5.43
driver: uhidev0
driver: ugen0
[...]
$ ykman info
WARNING: No OTP HID backend available. OTP protocols will not function.
Device type: YubiKey 5C Nano
Serial number: <REDACTED>
Firmware version: 5.4.3
Form factor: Nano (USB-C)
Enabled USB interfaces: FIDO, CCID
Applications
OTP Disabled
FIDO U2F Enabled
FIDO2 Enabled
OATH Enabled
PIV Enabled
OpenPGP Enabled
YubiHSM Auth Disabled
$ gpg --card-status
Reader ...........: Yubico YubiKey FIDO CCID 00 00
Application ID ...: <REDACTED>
Application type .: OpenPGP
Version ..........: 3.4
Manufacturer .....: Yubico
Serial number ....: <REDACTED>
Name of cardholder: <REDACTED>
Language prefs ...: [not set]
Salutation .......:
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: not forced
Key attributes ...: ed25519 cv25519 ed25519
Max. PIN lengths .: 127 127 127
PIN retry counter : 3 0 3
Signature counter : 0
KDF setting ......: off
Signature key ....: <REDACTED>
Encryption key....: <REDACTED>
Authentication key: <REDACTED>
General key info..: <REDACTED>
$ gpg --version
gpg (GnuPG) 2.2.41
libgcrypt 1.10.2
Copyright (C) 2022 g10 Code GmbH
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: <REDACTED>
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
--
Renato Aguiar
