tag:gpgtools.tenderapp.com,2011-11-04:/discussions/problems/58454-after-updating-to-gpgtools-20171-yubikey-no-longer-functions-properly-both-in-mail-gpg2-card-editGPGTools: Discussion 2018-03-13T11:14:14Ztag:gpgtools.tenderapp.com,2011-11-04:Comment/435537162017-10-03T15:04:48Z2017-10-03T15:04:48Zafter updating to GPGtools 2017.1 Yubikey no longer functions properly (both in Mail & gpg2 --card-edit)<div><p>So on my issue a reboot did not appear to fix the strange behavior where after a period of time Mail hangs when trying to decrypt a message and "ssh-add -l" hangs when issued as well. I have to remove and reinsert the card to get things back on track. If there is other data I can collect to help troubleshoot what is happening here let me know. Otherwise, I am contemplating downgrading back to 2016.10_v2 to get back to smoother operation.</p>
<p>Teoclaid: as for your issue, downgrading to a previous version of GPGTools just requires you to run the previous installer. I've also made backups of my ~/.gnupg directory prior to each upgrade and have been restoring that as part of the downgrade process too, though I'm not sure that's strictly necessary. I've been doing so because I recall reading somewhere the GPG upgrade modifies the keys somehow.</p></div>gpg_dudetag:gpgtools.tenderapp.com,2011-11-04:Comment/435537162017-10-03T15:21:58Z2017-10-03T15:21:59Zafter updating to GPGtools 2017.1 Yubikey no longer functions properly (both in Mail & gpg2 --card-edit)<div><p>I'm back up and running! I think what I thought was a backup of my full keys must just have been a stub(?). I realised I had a copy of my GPG keys on my iPhone so imported that copy to my GPG Keychain.</p>
<p>After that I followed the instructions in <a href="https://developers.yubico.com/PGP/Importing_keys.html">https://developers.yubico.com/PGP/Importing_keys.html</a> (having first reset the applet), and now my Yubikey is happy with decrypting in mail and anywhere else. phew!</p></div>teoclaidtag:gpgtools.tenderapp.com,2011-11-04:Comment/435537162017-10-03T15:41:34Z2017-10-03T15:41:35Zafter updating to GPGtools 2017.1 Yubikey no longer functions properly (both in Mail & gpg2 --card-edit)<div><p>@teoclaid: concratulations - its always good to have a second (offline) place to have the secret key available. Maybe your backup of the secret key was made/overwritten after you moved the secret keys to the yubikey - therefore only the stubs were in it. please check filedate of the "backup" and try to remember when you originally put your secret keys to the yubikey with keytocard :-)</p>
<p>i've also learned that my original setup before updateing (osx 10.10.5 yosemite) under gpgtools 2016.2 (GnuPG/MacGPG2 Version 2.0.30) accessed the yubikey with the (gnupg-buildin) ccid driver and the new gpgtools 2017.1 is using the pc/sc interface driver (which was the source of my problem as it doesn't work correctly until i installed the yubikey neo manager application). I am not sure if ccid (fallback) works correctly with 2017.1</p></div>MartinBatag:gpgtools.tenderapp.com,2011-11-04:Comment/435537162017-10-09T17:01:19Z2017-10-09T17:01:19Zafter updating to GPGtools 2017.1 Yubikey no longer functions properly (both in Mail & gpg2 --card-edit)<div><p>@Luke - after a week of banging my head against the wall and constantly removing and reinserting my yubikey multiple times per hour (along with killing gpg-agent which I already did with previously releases) I've had to downgrade back to 2016_10.v2. Let me know if I should start a new thread about the usability issues since technically the problem(s) that spawned this thread were resolved.</p></div>gpg_dudetag:gpgtools.tenderapp.com,2011-11-04:Comment/435537162017-10-10T14:08:34Z2017-10-10T14:08:35Zafter updating to GPGtools 2017.1 Yubikey no longer functions properly (both in Mail & gpg2 --card-edit)<div><p>@gpg_dude - did you try resetting the applet and reinstalling your keys onto the Yubikey? That completely solved the problem for me...</p></div>teoclaidtag:gpgtools.tenderapp.com,2011-11-04:Comment/435537162017-12-06T11:57:42Z2017-12-06T11:57:43Zafter updating to GPGtools 2017.1 Yubikey no longer functions properly (both in Mail & gpg2 --card-edit)<div><p>So I was also getting "bad pin" when using my Yubikey (2017.1 on High Sierra). It turns out that the "problem", was that I was using one passphrase for the regular pin and a different passphrase for admin, reset and unblock. Apparently the regular pin is not used for signing mails and such anymore, but the admin pin is. So I've solved my problem by just having the same passphrase for all the pins on my Yubikey. It would however be nice if anyone knows how to use the regular pin and not the admin pin for signing.</p></div>jbrtag:gpgtools.tenderapp.com,2011-11-04:Comment/435537162017-12-06T17:35:09Z2017-12-06T17:35:09Zafter updating to GPGtools 2017.1 Yubikey no longer functions properly (both in Mail & gpg2 --card-edit)<div><p>@jbr I'm not on High Sierra, but that doesn't sound right. Are you sure you didn't get the admin & regular PIN's transposed?</p></div>gpg_dudetag:gpgtools.tenderapp.com,2011-11-04:Comment/435537162017-12-07T08:24:01Z2017-12-07T08:28:59Zafter updating to GPGtools 2017.1 Yubikey no longer functions properly (both in Mail & gpg2 --card-edit)<div><p>@gpg_dude, yes I initialised the key multiple times, with different pin combinations to track the problem down. I just inserted an older Yubikey, which was initialised with gpg 2.0 and not 2.2, and there the pins are functioning correctly.</p></div>jbrtag:gpgtools.tenderapp.com,2011-11-04:Comment/435537162018-03-13T11:14:13Z2018-03-13T11:14:13Zafter updating to GPGtools 2017.1 Yubikey no longer functions properly (both in Mail & gpg2 --card-edit)<div><p>Since this is an old discussion we are closing it. Re-open is an option but let's file new discussions for any remaining issues to have a clean start and focus on one problem per discussion.</p>
<p>Best,<br>
steve</p></div>Steve