Last active
June 18, 2025 09:54
Revisions
-
dminca revised this gist
May 26, 2019 . No changes.There are no files selected for viewing
-
May 26, 2019 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -2,6 +2,7 @@ > After entering the wrong password 3 times your YubiKey is locked in order to avoid brute-forcing the password. Luckily, there's a way of unlocking yourself. > :warning: you will lose all data on it ```sh -
May 26, 2019 . 1 changed file with 7 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,7 +1,8 @@ # Unlock YubiKey :warning: > After entering the wrong password 3 times your YubiKey is locked in order to avoid brute-forcing the password. Luckily, there's a way of unlocking yourself. > :warning: you will lose all data on it ```sh gpg2 --card-status @@ -73,4 +74,8 @@ pkill gpg-agent && pkill scdaemon ``` * get a card status `gpg --card-status` * success; YubiKey was `factory-reset` - you lost all data on it ## Resources * https://forum.yubico.com/viewtopicfcb3.html?p=8245#p8245 -
May 26, 2019 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,76 @@ # Unlock YubiKey > After entering the wrong password 3 times your YubiKey is locked in order to avoid brute-forcing the password. Luckily, there's a way of unlocking yourself. ```sh gpg2 --card-status Application ID ...: D2760001240102010006042126520000 Version ..........: 2.1 Manufacturer .....: Yubico Serial number ....: 04212652 Name of cardholder: [not set] Language prefs ...: [not set] Sex ..............: unspecified URL of public key : [not set] Login data .......: [not set] Signature PIN ....: not forced Key attributes ...: 2048R 2048R 2048R Max. PIN lengths .: 127 127 127 PIN retry counter : 3 0 3 Signature counter : 0 Signature key ....: [none] Encryption key....: [none] Authentication key: [none] General key info..: [none] ``` ## Unlocking it You need to drop into GPG Agent shell and execute these hex commands one by one (wait for the response, then enter the next one): ```sh gpg-connect-agent --hex > scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40 D[0000] 69 82 i. OK > scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40 D[0000] 69 82 i. OK > scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40 D[0000] 69 82 i. OK > scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40 D[0000] 69 83 i. OK > scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40 D[0000] 69 82 i. OK > scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40 D[0000] 69 82 i. OK > scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40 D[0000] 69 82 i. OK > scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40 D[0000] 69 83 i. OK > scd apdu 00 e6 00 00 D[0000] 90 00 .. OK > scd apdu 00 44 00 00 D[0000] 90 00 .. OK > ``` * unplug/plug YubiKey * kill the **GPG Agent** & **scdaemon** ```sh pkill gpg-agent && pkill scdaemon ``` * get a card status `gpg --card-status` * success; YubiKey was `factory-reset` - you lost all data on it