Unable to set values on Yubikey
Ingo Klöcker
kloecker at kde.org
Sun Dec 20 17:59:41 CET 2020
On Sonntag, 20. Dezember 2020 15:32:02 CET Mark Gannon wrote:
> Hello,
>
> Using GPG version 2.2.25 I am unable to set values other than the user and
> admin pins. When I use the verify function to check the pin, it is
> successful. This happens both on a new Yubikey 5 and a Yubikey 4 that was
> reset.
>
> Steps to reproduce
> 1. Set user and admin pins.
Did you set those PINs with gpg? Or did you use some other application?
> 2. Run "gpg --card-edit"
> 3. Enter admin mode with the admin command
> 4. Enter name
> 5. Enter surname
> 6. Enter first name
>
> Produces the response:
> gpg: error setting Name: Bad PIN
> Note, it does not prompt me for the PIN before producing the error.
>
>
> gpg --card-status produces:
[snip]
> PIN retry counter : 0 0 0
All PIN retry counters are 0, i.e. user PIN and admin PIN are both blocked.
Either gpg reads the values incorrectly from the Yubikey or you have entered
"wrong" PINs several times while experimenting with the Yubikey. Since even
the admin PIN is blocked, I guess you need to factory-reset the Yubikey.
To debug this run
gpg --debug=ipc --card-status
This will show the communication between gpg and scdaemon (the smartcard
helper application that gpg uses to access smartcards).
Regards,
Ingo
More information about the Gnupg-users
mailing list