Page MenuHome GnuPG

Trying to perform 'factory-reset' of Yubico Yubikey Neo always fails
Closed, ResolvedPublic


Trying to run the factory-reset command on a Yubico Yubikey always fails. It is possible
to reset the gpg applet according to manufacturer instructions. I have verified that this
reset works. Perhaps gnupg can implement a similar method internally to reset the

Failing session:

/tmp$ gpg2 --card-edit

Reader ...........: 1050:0116:X:0
Application ID ...: D2760001240102000006030154560000
Version ..........: 2.0
Manufacturer .....: Yubico
Serial number ....: MY_SERIAL_NUM
Name of cardholder: [not set]
Language prefs ...: [not set]
Sex ..............: unspecified
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: forced
Key attributes ...: rsa2048 rsa2048 rsa2048
Max. PIN lengths .: 127 127 127
PIN retry counter : 3 3 3
Signature counter : 0
Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]
General key info..: [none]

gpg/card> admin
Admin commands are allowed

gpg/card> help
quit quit this menu
admin show admin commands
help show this help
list list all available data
name change card holder's name
url change URL to retrieve key
fetch fetch the key specified in the card URL
login change the login name
lang change the language preferences
sex change card holder's sex
cafpr change a CA fingerprint
forcesig toggle the signature force PIN flag
generate generate new keys
passwd menu to change or unblock the PIN
verify verify the PIN and list all data
unblock unblock the PIN using a Reset Code
factory-reset destroy all keys and data

gpg/card> factory-reset
gpg: OpenPGP card no. D2760001240102000006030154560000 detected
gpg: This command is not supported by this card




Event Timeline

grempe set Version to 2.1.10.
grempe added a subscriber: grempe.

That is no bug. gpg clearly states this. The factory reset is an optional
feature of the OpenPGP card specs.

werner claimed this task.
werner added a project: Not A Bug.