Smart card issues on F22

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Setting up my YubiKey Neo to use PKCS #11/PIV/CCID features for SSH used to work fine, at least on Fedora 20 and 21. Now, with Fedora 22, it cannot ever find the device. I know the device is configured properly because it still works properly on an F21 box I have.

I suspect the issue may be the libinput switch or the move to have PCSC daemon be socket-activated (I think both changes happened between F21 and F22).

Here is what I see from "sudo journalctl -fa" output when I insert it into an F22 machine with PCSC installed:

Jun 08 17:42:53 titan.davidstrauss.net kernel: usb 1-1.1: new full-speed USB device number 13 using xhci_hcd
Jun 08 17:42:53 titan.davidstrauss.net kernel: usb 1-1.1: New USB device found, idVendor=1050, idProduct=0116
Jun 08 17:42:53 titan.davidstrauss.net kernel: usb 1-1.1: New USB device strings: Mfr=1, Product=2, SerialNumber=0
Jun 08 17:42:53 titan.davidstrauss.net kernel: usb 1-1.1: Product: Yubikey NEO OTP+U2F+CCID
Jun 08 17:42:53 titan.davidstrauss.net kernel: usb 1-1.1: Manufacturer: Yubico
Jun 08 17:42:53 titan.davidstrauss.net kernel: usb 1-1.1: ep 0x81 - rounding interval to 64 microframes, ep desc says 80 microframes
Jun 08 17:42:53 titan.davidstrauss.net kernel: input: Yubico Yubikey NEO OTP+U2F+CCID as /devices/pci0000:00/0000:00:14.0/usb1/1-1/1-1.1/1-1.1:1.0/0003:1050:0116.0006/input/input22
Jun 08 17:42:53 titan.davidstrauss.net kernel: hid-generic 0003:1050:0116.0006: input,hidraw0: USB HID v1.10 Keyboard [Yubico Yubikey NEO OTP+U2F+CCID] on usb-0000:00:14.0-1.1/input0
Jun 08 17:42:53 titan.davidstrauss.net kernel: hid-generic 0003:1050:0116.0007: hiddev0,hidraw1: USB HID v1.10 Device [Yubico Yubikey NEO OTP+U2F+CCID] on usb-0000:00:14.0-1.1/input1
Jun 08 17:42:53 titan.davidstrauss.net mtp-probe[3497]: checking bus 1, device 13: "/sys/devices/pci0000:00/0000:00:14.0/usb1/1-1/1-1.1"
Jun 08 17:42:53 titan.davidstrauss.net mtp-probe[3497]: bus: 1, device: 13 was not an MTP device
Jun 08 17:42:53 titan.davidstrauss.net /usr/libexec/gdm-x-session[2121]: (II) config/udev: Adding input device Yubico Yubikey NEO OTP+U2F+CCID (/dev/input/event6)
Jun 08 17:42:53 titan.davidstrauss.net /usr/libexec/gdm-x-session[2121]: (**) Yubico Yubikey NEO OTP+U2F+CCID: Applying InputClass "evdev keyboard catchall"
Jun 08 17:42:53 titan.davidstrauss.net /usr/libexec/gdm-x-session[2121]: (**) Yubico Yubikey NEO OTP+U2F+CCID: Applying InputClass "libinput keyboard catchall"
Jun 08 17:42:53 titan.davidstrauss.net /usr/libexec/gdm-x-session[2121]: (**) Yubico Yubikey NEO OTP+U2F+CCID: Applying InputClass "system-keyboard"
Jun 08 17:42:53 titan.davidstrauss.net /usr/libexec/gdm-x-session[2121]: (II) systemd-logind: got fd for /dev/input/event6 13:70 fd 33 paused 0
Jun 08 17:42:53 titan.davidstrauss.net /usr/libexec/gdm-x-session[2121]: (II) Using input driver 'libinput' for 'Yubico Yubikey NEO OTP+U2F+CCID'
Jun 08 17:42:53 titan.davidstrauss.net /usr/libexec/gdm-x-session[2121]: (**) Yubico Yubikey NEO OTP+U2F+CCID: always reports core events
Jun 08 17:42:53 titan.davidstrauss.net /usr/libexec/gdm-x-session[2121]: (**) Option "Device" "/dev/input/event6"
Jun 08 17:42:53 titan.davidstrauss.net /usr/libexec/gdm-x-session[2121]: (II) input device 'Yubico Yubikey NEO OTP+U2F+CCID', /dev/input/event6 is tagged by udev as: Keyboard
Jun 08 17:42:53 titan.davidstrauss.net /usr/libexec/gdm-x-session[2121]: (II) input device 'Yubico Yubikey NEO OTP+U2F+CCID', /dev/input/event6 is a keyboard
Jun 08 17:42:53 titan.davidstrauss.net /usr/libexec/gdm-x-session[2121]: (**) Option "config_info" "udev:/sys/devices/pci0000:00/0000:00:14.0/usb1/1-1/1-1.1/1-1.1:1.0/0003:1050:0116.0006/input/input22/event6"
Jun 08 17:42:53 titan.davidstrauss.net /usr/libexec/gdm-x-session[2121]: (II) XINPUT: Adding extended input device "Yubico Yubikey NEO OTP+U2F+CCID" (type: KEYBOARD, id 9)
Jun 08 17:42:53 titan.davidstrauss.net /usr/libexec/gdm-x-session[2121]: (**) Option "xkb_layout" "us"
Jun 08 17:42:53 titan.davidstrauss.net /usr/libexec/gdm-x-session[2121]: (II) input device 'Yubico Yubikey NEO OTP+U2F+CCID', /dev/input/event6 is tagged by udev as: Keyboard
Jun 08 17:42:53 titan.davidstrauss.net /usr/libexec/gdm-x-session[2121]: (II) input device 'Yubico Yubikey NEO OTP+U2F+CCID', /dev/input/event6 is a keyboard

Here is what happens when I insert it into an F21 machine with PCSC where it works:

Jun 08 17:47:28 localhost.localdomain kernel: usb 1-14: new full-speed USB device number 41 using xhci_hcd
Jun 08 17:47:29 localhost.localdomain kernel: usb 1-14: New USB device found, idVendor=1050, idProduct=0116
Jun 08 17:47:29 localhost.localdomain kernel: usb 1-14: New USB device strings: Mfr=1, Product=2, SerialNumber=0
Jun 08 17:47:29 localhost.localdomain kernel: usb 1-14: Product: Yubikey NEO OTP+U2F+CCID
Jun 08 17:47:29 localhost.localdomain kernel: usb 1-14: Manufacturer: Yubico
Jun 08 17:47:29 localhost.localdomain kernel: usb 1-14: ep 0x81 - rounding interval to 64 microframes, ep desc says 80 microframes
Jun 08 17:47:29 localhost.localdomain kernel: input: Yubico Yubikey NEO OTP+U2F+CCID as /devices/pci0000:00/0000:00:14.0/usb1/1-14/1-14:1.0/0003:1050:0116.002F/input/input40
Jun 08 17:47:29 localhost.localdomain kernel: hid-generic 0003:1050:0116.002F: input,hidraw2: USB HID v1.10 Keyboard [Yubico Yubikey NEO OTP+U2F+CCID] on usb-0000:00:14.0-14/input0
Jun 08 17:47:29 localhost.localdomain kernel: hid-generic 0003:1050:0116.0030: hiddev0,hidraw3: USB HID v1.10 Device [Yubico Yubikey NEO OTP+U2F+CCID] on usb-0000:00:14.0-14/input1
Jun 08 17:47:29 localhost.localdomain mtp-probe[1612]: checking bus 1, device 41: "/sys/devices/pci0000:00/0000:00:14.0/usb1/1-14"
Jun 08 17:47:29 localhost.localdomain mtp-probe[1612]: bus: 1, device: 41 was not an MTP device
Jun 08 17:47:29 localhost.localdomain pcscd[15961]: 07073649 ifdhandler.c:130:CreateChannelByNameOrChannel() failed
Jun 08 17:47:29 localhost.localdomain pcscd[15961]: 00000017 readerfactory.c:1043:RFInitializeReader() Open Port 0x200000 Failed (usb:1050/0116:libudev:0:/dev/bus/usb/001/041)
Jun 08 17:47:29 localhost.localdomain pcscd[15961]: 00000003 readerfactory.c:335:RFAddReader() Yubico Yubikey NEO OTP+U2F+CCID init failed.
Jun 08 17:47:29 localhost.localdomain gdm-Xorg-:0[1281]: (II) config/udev: Adding input device Yubico Yubikey NEO OTP+U2F+CCID (/dev/input/event14)
Jun 08 17:47:29 localhost.localdomain gdm-Xorg-:0[1281]: (**) Yubico Yubikey NEO OTP+U2F+CCID: Applying InputClass "evdev keyboard catchall"
Jun 08 17:47:29 localhost.localdomain gdm-Xorg-:0[1281]: (**) Yubico Yubikey NEO OTP+U2F+CCID: Applying InputClass "system-keyboard"
Jun 08 17:47:29 localhost.localdomain gdm-Xorg-:0[1281]: (II) Using input driver 'evdev' for 'Yubico Yubikey NEO OTP+U2F+CCID'
Jun 08 17:47:29 localhost.localdomain gdm-Xorg-:0[1281]: (**) Yubico Yubikey NEO OTP+U2F+CCID: always reports core events
Jun 08 17:47:29 localhost.localdomain gdm-Xorg-:0[1281]: (**) evdev: Yubico Yubikey NEO OTP+U2F+CCID: Device: "/dev/input/event14"
Jun 08 17:47:29 localhost.localdomain gdm-Xorg-:0[1281]: (--) evdev: Yubico Yubikey NEO OTP+U2F+CCID: Vendor 0x1050 Product 0x116
Jun 08 17:47:29 localhost.localdomain gdm-Xorg-:0[1281]: (--) evdev: Yubico Yubikey NEO OTP+U2F+CCID: Found keys
Jun 08 17:47:29 localhost.localdomain gdm-Xorg-:0[1281]: (II) evdev: Yubico Yubikey NEO OTP+U2F+CCID: Configuring as keyboard
Jun 08 17:47:29 localhost.localdomain gdm-Xorg-:0[1281]: (**) Option "config_info" "udev:/sys/devices/pci0000:00/0000:00:14.0/usb1/1-14/1-14:1.0/0003:1050:0116.002F/input/input40/event14"
Jun 08 17:47:29 localhost.localdomain gdm-Xorg-:0[1281]: (II) XINPUT: Adding extended input device "Yubico Yubikey NEO OTP+U2F+CCID" (type: KEYBOARD, id 11)
Jun 08 17:47:29 localhost.localdomain gdm-Xorg-:0[1281]: (**) Option "xkb_rules" "evdev"
Jun 08 17:47:29 localhost.localdomain gdm-Xorg-:0[1281]: (**) Option "xkb_model" "pc104"
Jun 08 17:47:29 localhost.localdomain gdm-Xorg-:0[1281]: (**) Option "xkb_layout" "us"
Jun 08 17:47:29 localhost.localdomain pcscd[15961]: 00003773 ifdhandler.c:130:CreateChannelByNameOrChannel() failed
Jun 08 17:47:29 localhost.localdomain pcscd[15961]: 00000010 readerfactory.c:1043:RFInitializeReader() Open Port 0x200001 Failed (usb:1050/0116:libudev:1:/dev/bus/usb/001/041)
Jun 08 17:47:29 localhost.localdomain pcscd[15961]: 00000002 readerfactory.c:335:RFAddReader() Yubico Yubikey NEO OTP+U2F+CCID init failed.

I think the "failed" at the end of the second set of log entries is because I've changed the PIN, stopping fully automatic initialization. At SSH connection time, it asks for the PIN and then works.
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux