Card support stopped workin on macOS in 2019.1 (reason: false positive in Cylance AV software, workaround: whitelist file)

Hugo Tunius's Avatar

Hugo Tunius

26 Aug, 2019 09:27 AM

Hey,

I upgraded to 2019.1 and after this all attemps to use my YubiKey stopped working. gpg --card-stats would just produce an error message about scdeamon not being found. I tried completely removing gpgtools and installing again with the same outcome.

In the end I downgraded to 2018.5 which works fine.

  1. Support Staff 1 Posted by Luke Le on 26 Aug, 2019 09:31 AM

    Luke Le's Avatar

    Hi Hugo,

    we are very sorry for the bad expierience.
    Would you be able to send us the exact error message? Our own smart cards seem to work fine with 2019.1 so any additional debugging information would be of great help.

  2. 2 Posted by Hugo Tunius on 26 Aug, 2019 09:58 AM

    Hugo Tunius's Avatar

    Hey Luke,

    this is what I saw

    $ gpg --card-status
    gpg: error getting version from 'scdaemon': No SmartCard daemon
    gpg: OpenPGP card not available: No SmartCard daemon
    
  3. Support Staff 3 Posted by Luke Le on 26 Aug, 2019 10:19 AM

    Luke Le's Avatar

    Could you also run the following commands:

    which gpg
    ls -l /usr/local/bin/gpg
    
  4. 4 Posted by Hugo Tunius on 26 Aug, 2019 10:23 AM

    Hugo Tunius's Avatar

    I don't have 2019.1 installed anymore, but gpg was in /usr/local/bin/gpg when I checked. I assumed it was symlinked to /usr/local/MacGPG2/bin/gpg2.

    scdaemon was in /usr/local/MacGPG2/libexec/scdaemon

  5. Support Staff 5 Posted by Luke Le on 26 Aug, 2019 10:45 AM

    Luke Le's Avatar

    Sometimes these errors are seen if another gpg (from homebrew/macports/fink) is installed along side.

    Could you have a look if you find a crash log in ~/Library/Logs/DiagnosticReports
    Maybe scdaemon is crashing for a reason.

  6. 6 Posted by Hugo Tunius on 26 Aug, 2019 01:28 PM

    Hugo Tunius's Avatar

    Yup you were right, it was crashing.

    Process:               scdaemon [3255]
    Path:                  /usr/local/MacGPG2/libexec/scdaemon
    Identifier:            scdaemon
    Version:               0
    Code Type:             X86-64 (Native)
    Parent Process:        gpg-agent [1491]
    Responsible:           scdaemon [3255]
    User ID:               502
    
    Date/Time:             2019-08-26 09:42:43.948 +0100
    OS Version:            Mac OS X 10.14.5 (18F132)
    Report Version:        12
    Bridge OS Version:     3.5 (16P5200)
    Anonymous UUID:        3A5F9B52-6A38-8B25-4B36-96F41D07D824
    
    
    Time Awake Since Boot: 680 seconds
    
    System Integrity Protection: enabled
    
    Crashed Thread:        0
    
    Exception Type:        EXC_CRASH (SIGABRT)
    Exception Codes:       0x0000000000000000, 0x0000000000000000
    Exception Note:        EXC_CORPSE_NOTIFY
    
    Termination Reason:    DYLD, [0x1] Library missing
    
    Application Specific Information:
    dyld: launch, loading dependent libraries
    
    Dyld Error Message:
      Library not loaded: @rpath/libksba.8.dylib
      Referenced from: /usr/local/MacGPG2/libexec/scdaemon
      Reason: image not found
    
    Binary Images:
           0x1054cc000 -        0x105527ff7 +scdaemon (0) <334854D0-02FC-3643-BD3E-63F54CB137EF> /usr/local/MacGPG2/libexec/scdaemon
           0x105541000 -        0x105602ff7 +libgcrypt.20.dylib (0) <9DEACF70-3D76-3DD8-BAB4-5FC6C7FC17FA> /usr/local/MacGPG2/lib/libgcrypt.20.dylib
           0x105627000 -        0x10563efff +libgpg-error.0.dylib (0) <EDC4E090-CBF0-3F2D-9892-C2AD9D7C77D7> /usr/local/MacGPG2/lib/libgpg-error.0.dylib
           0x106897000 -        0x1069016ef  dyld (655.1.1) <CE635DB2-D47E-3C05-A0A3-6BD982E7E750> /usr/lib/dyld
    
  7. Support Staff 7 Posted by Luke Le on 26 Aug, 2019 02:29 PM

    Luke Le's Avatar

    Are you using Cylance by any chance or some antivirus? Someone mentioned that the libksba file was identified as problematic. We have not received details yet however.

  8. 8 Posted by Hugo Tunius on 30 Aug, 2019 08:14 AM

    Hugo Tunius's Avatar

    Yup this was my work machine which does use Cylance. That was my first thought too, but I didn't see anything in the logs of Cylance. I'll try on my personal machine which does not have Cylance to verify.

  9. 9 Posted by Hugo Tunius on 30 Aug, 2019 09:40 AM

    Hugo Tunius's Avatar

    I checked and it worked on my personal machine. I also found an entry in Cylance about removing that dylib so you are correct the issue was with Cylance.

  10. 10 Posted by Hugo Tunius on 30 Aug, 2019 11:10 AM

    Hugo Tunius's Avatar

    Just confirming that after whitelisting the dylib in Cylance it all works. Thanks for your help Luke

  11. Support Staff 11 Posted by Luke Le on 30 Aug, 2019 11:20 AM

    Luke Le's Avatar

    Perfect thank you very much for your update!
    The people at Cylance told us that they are using AI for their detection heuristic and it appears to have been off in this case.

  12. Steve closed this discussion on 01 Sep, 2019 04:48 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac