Mein #yubikey wird in #keepassxc nicht mehr erkannt bzw erkannt aber nicht mehr gelesen. 
#PCSC läuft. Hab das auch nochmal neu installiert. Aber hat nichts gebracht.
Hat jemensch eine Idee wie ich das fixen könnte? 
#eh22
![(base) robin@ms-li-n-16-013:~> keepassxc
Warning: Ignoring XDG_SESSION_TYPE=wayland on Gnome. Use QT_QPA_PLATFORM=wayland to run on Wayland anyway.
YubiKey: Failed to establish PCSC context.
YubiKey: PCSC interface is disabled or not initialized.
(base) robin@ms-li-n-16-013:~> sudo systemctl status pcscd.service
[sudo] password for root:
● pcscd.service - PC/SC Smart Card Daemon
Loaded: loaded (/usr/lib/systemd/system/pcscd.service; indirect; preset: disabled)
Active: active (running) since Sat 2025-04-19 11:24:06 CEST; 1min 10s ago
Invocation: 9329d05718c84027830ea578a2c56af5
TriggeredBy: ● pcscd.socket
Docs: man:pcscd(8)
Main PID: 5026 (pcscd)
Tasks: 5 (limit: 18884)
CPU: 56ms
CGroup: /system.slice/pcscd.service
└─5026 /usr/sbin/pcscd --foreground
Apr 19 11:24:06 ms-li-n-16-013 systemd[1]: Started PC/SC Smart Card Daemon.
(base) robin@ms-li-n-16-013:~> sudo systemctl status pcscd.socket
● pcscd.socket - PC/SC Smart Card Daemon Activation Socket
Loaded: loaded (/usr/lib/systemd/system/pcscd.socket; enabled; preset: enabled)
Active: active (running) since Sat 2025-04-19 11:22:07 CEST; 3min 28s ago
Invocation: 5770cc7bcaed47f89f130f1d47cd9826
Triggers: ● pcscd.service
Listen: /run/pcscd/pcscd.comm (Stream)
CGroup: /system.slice/pcscd.socket
Apr 19 11:22:07 ms-li-n-16-013 systemd[1]: Listening on PC/SC Smart Card Daemon Activation Socket.](https://assets.chaos.social/media_attachments/files/114/363/943/390/192/001/original/7e989322ff605ce6.png "(base) robin@ms-li-n-16-013:~> keepassxc
Warning: Ignoring XDG_SESSION_TYPE=wayland on Gnome. Use QT_QPA_PLATFORM=wayland to run on Wayland anyway.
YubiKey: Failed to establish PCSC context.
YubiKey: PCSC interface is disabled or not initialized.
(base) robin@ms-li-n-16-013:~> sudo systemctl status pcscd.service
[sudo] password for root:
● pcscd.service - PC/SC Smart Card Daemon
Loaded: loaded (/usr/lib/systemd/system/pcscd.service; indirect; preset: disabled)
Active: active (running) since Sat 2025-04-19 11:24:06 CEST; 1min 10s ago
Invocation: 9329d05718c84027830ea578a2c56af5
TriggeredBy: ● pcscd.socket
Docs: man:pcscd(8)
Main PID: 5026 (pcscd)
Tasks: 5 (limit: 18884)
CPU: 56ms
CGroup: /system.slice/pcscd.service
└─5026 /usr/sbin/pcscd --foreground
Apr 19 11:24:06 ms-li-n-16-013 systemd[1]: Started PC/SC Smart Card Daemon.
(base) robin@ms-li-n-16-013:~> sudo systemctl status pcscd.socket
● pcscd.socket - PC/SC Smart Card Daemon Activation Socket
Loaded: loaded (/usr/lib/systemd/system/pcscd.socket; enabled; preset: enabled)
Active: active (running) since Sat 2025-04-19 11:22:07 CEST; 3min 28s ago
Invocation: 5770cc7bcaed47f89f130f1d47cd9826
Triggers: ● pcscd.service
Listen: /run/pcscd/pcscd.comm (Stream)
CGroup: /system.slice/pcscd.socket
Apr 19 11:22:07 ms-li-n-16-013 systemd[1]: Listening on PC/SC Smart Card Daemon Activation Socket.")
![(base) robin@ms-li-n-16-013:~> sudo systemctl status pcscd.service
● pcscd.service - PC/SC Smart Card Daemon
Loaded: loaded (/usr/lib/systemd/system/pcscd.service; indirect; preset: disabled)
Active: active (running) since Sat 2025-04-19 11:24:06 CEST; 9min ago
Invocation: 9329d05718c84027830ea578a2c56af5
TriggeredBy: ● pcscd.socket
Docs: man:pcscd(8)
Main PID: 5026 (pcscd)
Tasks: 5 (limit: 18884)
CPU: 258ms
CGroup: /system.slice/pcscd.service
└─5026 /usr/sbin/pcscd --foreground
Apr 19 11:29:47 ms-li-n-16-013 pcscd[5026]: 00000055 ../src/winscard_svc.c:408:ContextThread() Server protocol is 4:5
Apr 19 11:29:47 ms-li-n-16-013 pcscd[5026]: 00248831 ../src/winscard_svc.c:404:ContextThread() Communication protocol mismatch!
Apr 19 11:29:47 ms-li-n-16-013 pcscd[5026]: 00000138 ../src/winscard_svc.c:406:ContextThread() Client protocol is 4:4
Apr 19 11:29:47 ms-li-n-16-013 pcscd[5026]: 00000008 ../src/winscard_svc.c:408:ContextThread() Server protocol is 4:5
Apr 19 11:29:47 ms-li-n-16-013 pcscd[5026]: 00359199 ../src/winscard_svc.c:404:ContextThread() Communication protocol mismatch!
Apr 19 11:29:47 ms-li-n-16-013 pcscd[5026]: 00000026 ../src/winscard_svc.c:406:ContextThread() Client protocol is 4:4
Apr 19 11:29:47 ms-li-n-16-013 pcscd[5026]: 00000003 ../src/winscard_svc.c:408:ContextThread() Server protocol is 4:5
Apr 19 11:29:48 ms-li-n-16-013 pcscd[5026]: 00609843 ../src/winscard_svc.c:404:ContextThread() Communication protoco](https://assets.chaos.social/media_attachments/files/114/363/943/384/044/245/original/b928b23615b56bea.png "(base) robin@ms-li-n-16-013:~> sudo systemctl status pcscd.service
● pcscd.service - PC/SC Smart Card Daemon
Loaded: loaded (/usr/lib/systemd/system/pcscd.service; indirect; preset: disabled)
Active: active (running) since Sat 2025-04-19 11:24:06 CEST; 9min ago
Invocation: 9329d05718c84027830ea578a2c56af5
TriggeredBy: ● pcscd.socket
Docs: man:pcscd(8)
Main PID: 5026 (pcscd)
Tasks: 5 (limit: 18884)
CPU: 258ms
CGroup: /system.slice/pcscd.service
└─5026 /usr/sbin/pcscd --foreground
Apr 19 11:29:47 ms-li-n-16-013 pcscd[5026]: 00000055 ../src/winscard_svc.c:408:ContextThread() Server protocol is 4:5
Apr 19 11:29:47 ms-li-n-16-013 pcscd[5026]: 00248831 ../src/winscard_svc.c:404:ContextThread() Communication protocol mismatch!
Apr 19 11:29:47 ms-li-n-16-013 pcscd[5026]: 00000138 ../src/winscard_svc.c:406:ContextThread() Client protocol is 4:4
Apr 19 11:29:47 ms-li-n-16-013 pcscd[5026]: 00000008 ../src/winscard_svc.c:408:ContextThread() Server protocol is 4:5
Apr 19 11:29:47 ms-li-n-16-013 pcscd[5026]: 00359199 ../src/winscard_svc.c:404:ContextThread() Communication protocol mismatch!
Apr 19 11:29:47 ms-li-n-16-013 pcscd[5026]: 00000026 ../src/winscard_svc.c:406:ContextThread() Client protocol is 4:4
Apr 19 11:29:47 ms-li-n-16-013 pcscd[5026]: 00000003 ../src/winscard_svc.c:408:ContextThread() Server protocol is 4:5
Apr 19 11:29:48 ms-li-n-16-013 pcscd[5026]: 00609843 ../src/winscard_svc.c:404:ContextThread() Communication protoco")
Recent searches
Search options
#yubikey
0 posts0 participants0 posts today
I've hit a use-case where the #Yubikey is unusable.
I have an ssh key I use with Ansible. I use ssh-add to add that key to ssh-agent.
When running a script to update mulitple hosts, I'm being prompted: "Please enter the passphrase for the ssh key". Repeatedly.
That's not feasible. Ain't nobody got time for that.
Is this just the way I've set it up?
https://discourse.nixos.org/t/yubilock-module-for-waybar/62385
Oooh... graphical waybar Yubikey locking module that can be toggled on & off.... yes please! 
NixOS Discourse · Yubilock module for WaybarI just finished my second open source project, called Yubilock. This Waybar module adds a service that will lock your screen when your Yubikey is disconnected. You can also toggle the service on/off depending on your threat model. Made to be used with a magnetic usb adapter, extension cable, and a key ring or carabiner that you can attach to your belt. The indicator will show the current status of the service and whether a YubiKey is currently inserted. Feedback welcome!
Nice post with some good tips on Digital Hygiene.
karpathyDigital hygieneA guide to basic digital hygiene.
Replied in thread
@techlore proton pass is good in that your data on proton pass is fully #encrypted. So if you use a hardware based #passkey such as a #yubikey to secure the main account, and have all your other accounts within use software based passkeys and 2FA, wouldn't be as much of a risk even if Proton Pass got breached as a service.
This is what innovation can do!
#AirGapped #Offline #PKI #PrivateKeys #TwoFactor- #2FA #Yubico #Yubikey
======
Vincent Bernat Turns Three YubiKeys and a Cheap Single-Board Computer Into a Secure Offline PKI
https://www.hackster.io/news/vincent-bernat-turns-three-yubikeys-and-a-cheap-single-board-computer-into-a-secure-offline-pki-1735b4ad7fc2
---
Developer Vincent Bernat demonstrates how to turn three Yubico YubiKey USB two-factor authentication dongles into an offline public key infrastructure (PKI) using a low-cost single-board computer as an air-gapped host.
If you are looking for a good password manager you can use from anywhere, there are plenty of excellent options to choose from. However, if you prefer to only store your passwords locally, KeePassXC is what you need. In our latest tutorial, we'll walk through setting up KeePassXC to work with your YubiKey as an additional factor to secure your local-only password database.
https://www.privacyguides.org/articles/2025/03/18/installing-keepassxc-and-yubikey/
www.privacyguides.org · KeePassXC + YubiKey: How to set up a local-only password manager
More from 
Em 
New Privacy Guides article 
by me:
If you are using a YubiKey,
you might get in some situations where you need to reset your key to factory default, and/or set up a backup of it on a spare key.
This tutorial will guide you
through each step to reset and back up your YubiKey successfully, with clear instructions and plenty of visual support.
I hope you find it helpful!
https://www.privacyguides.org/articles/2025/03/06/yubikey-reset-and-backup/
Always remember, when it comes to hardware security keys: Two is one, one is none.
Our latest article covers the setup process for two YubiKeys (from Yubico's YubiKey 4 or 5 series) to keep your online accounts safe and secure 
+ it goes through resetting your existing keys to a blank slate, and the reasons you might want to do so!
https://www.privacyguides.org/articles/2025/03/06/yubikey-reset-and-backup/
www.privacyguides.org · How to Reset Your YubiKey and Create a Backup
More from Em
People who use hardware security keys: Storing them in geographically diverse locations is a wise move but makes it impossible to quickly onboard. How do you keep track of where you’ve registered each key? A checklist in a spreadsheet is obvious but cumbersome. Is there a better way? (Yes I use passkeys extensively but for certain services like email, iCloud, and my password manager, a hardware option is desirable if not mandatory.) #YubiKey #YubiKeys #FIDO #FIDO2 #FIDOKey #FIDOKeys #Security
apropos of absolutely nothing here's the #NSA's official best practices on mobile device security. some top tips:
1. restart your device regularly (it's very hard for spyware to survive a restart, especially on an iPhone)
2. avoid public wifi
3. do not use public charging stations
4. disable bluetooth
5. don't install apps
to which i would add:
1. if you have an iPhone consider using apple's "Lockdown Mode" which prevents most pegasus style 0-click attacks
2. consider using a hardware USB key for securing your most important accounts. #yubico's #yubikey is a good option.
https://s3.documentcloud.org/documents/21018353/nsa-mobile-device-best-practices.pdf
Replied in thread
@Tutanota
#passbolt for password management
#sentinelone for client security
#yubikey for keys
#trezor for crypto and keys
#GPG in general as security
#proton for mails
#Torbrowser/brave browsing
#Reverseproxy
#Tailscale for secure private network mesh
Wow, finally! If you use the Bitwarden desktop app on Linux, the latest release now allows you to use a Yubikey to authenticate if you have one configured
Replied in thread
@iamkale @tychotithonus I was so excited when reading this first today, but it doesn't seem like it's generally available: "Keys are available exclusively via YubiKey as a Service". What does that mean?
I use Yubikeys as an individual opensource contributor for SSH authentication and commit signing, I've been looking forward to this release since I posted this: https://infosec.exchange/@hertg/112577335792779667
But it appears that this still isn't a release for me. Or am I missing something?
Infosec ExchangeMichael :donor: (@hertg@infosec.exchange)Do you know any hardware keys, with fingerprint sensor, that support PIV with support for ed25519 and X25519? Any recommendations?
I know #yubico announced the "YubiKey Bio Multi-protocol Edition". That sounds like what I want, but it appears to be only available as early access to enterprise customers.
#pgp #yubikey #signature #piv #smartcard #cryptography