Schau da auch mal vorbei.
]]>Hast du ipv6?
Ich habe einen Full DualStack, dh . Ipv6 und Ipv4 internetzugang und hatte das Problem auch gelegentlich. Habe festgestellt, dass ipv4 teilweise ausgefallen war und dann ipv6 benutzt wurde. Da ipv6 derzeit anscheinend nicht funktioniert führte dies bei mir auch zu ausfällen von bis zu 24h.Dann wurde die IPv4 Adresse erneuert. Habe dann meine dynDNS Konfiguration überarbeitet (verwende eine custom ddclient config)
Vielleicht hilft es erstmal nur ipv4 einzustellen.
Grüße,
Thamos
]]>It’s clear that “nitropy fido2 reset” works on the NK3. MRafael even confirmed that “nitropy fido2 reset” worked after I explained that touching the Nitrokey is required.
]]>I just tried on my side and it worked.
Even without sudo it worked.
What you need to make sure is to unplug and replug the Nitrokey just before entering "y” when it ask:
Warning: Your credentials will be lost!!! continue? [(y)es/(n)o]: y
Then you need to touch your Nitrokey and then the reset is done.
]]>Ich hatte den Fehler bei mir auch. Ich konnte den Fehler über ssh beheben.
Ich würde mal den softreset versuchen Soft Reset - Nitrokey Documentation
Aber aufpassen: nicht zu lange drücken.
2-5 Stunden Zeit haben auch schon wunder gewirkt (auch nach dem Softreset nochmal)
Ansonsten kann ich dir nochmal detaillierter erklären, wie ich es hier gelöst habe. Geht aber nur, wenn du bereits einen SSH Zugang eingerichtet hattest.
Grüße,
Thamos
]]>You have to use the Zip file to do this, i did it 2 days ago….
]]>Sign the certificate? [y/n]:y
2030F391FFFF0000:error:40800054:pkcs11:p11prov_GetOperationState:reason(84):/usr/src/debug/pkcs11-provider/0.5/src/interface.gen.c:335:Error returned by C_GetOperationState
You can follow this guide:
]]>weiß jemand, was hier zu tun ist?
Ich nutze die nextbox selten über den Browser, wollte das mal wieder ausprobieren und bekomme folgende Fehlermeldung:
Außerdem ist der client offline und ich kann mich auch nicht anmelden (es passiert nichts, wenn ich auf anmelden klicke).
Die LED ist lila und daher ist die nextbox im Wartungsmodus - heißt es also nur abwarten und ich habe zufällig einen doofen Zeitpunkt erwischt?
Was muss ich tun? Weiß das jemand? Da ich vorher nichts aktiv verändert habe, sehe ich hier keinen Ansatzpunkt für mich.
Vielen Dank im Voraus…
Sazz
]]>Thank you!
]]>nitropy list 2>&1 | grep “/dev/hidraw.\*: Nitrokey 3” | awk -Wnon-decimal-data ’ { printf “%s\\n%d\\n%s\\n%d\\n”,$4,“0x” $4,substr($4,1,8),“0x” substr($4,1,8) } ’
You have to install gparted in the live system for it work.
Start there…
]]>
MRafael:nitropy fido2 status
Command line tool to interact with Nitrokey devices 0.11.3
Warning: This command only works with the Nitrokey FIDO2, not with other FIDO2
devices!
Critical error:
An unhandled exception occurred
Exception encountered: NoSoloFoundError(‘no Nitrokey FIDO2 found’)
That’s the same for me with a Nitrokey 3. I guess – as the command already says – it “only works with the Nitrokey FIDO2”, and thus not with the NK3. Try setting up your PIN and credentials using your web browser now.
Or try nitropy fido2 list-credentials or nitropy fido2 get-info.
nitropy fido2 reset has worked successfully
mr@fedora:~$ nitropy fido2 reset
Command line tool to interact with Nitrokey devices 0.11.3
Reset is only possible within 10secs after plugging in the device.
Please (re-)plug in your Nitrokey FIDO2 now!
Warning: Your credentials will be lost!!! continue? [(y)es/(n)o]: y
choosing: yes
Press key to confirm – again, your credentials will be lost!!!
…aaaand they’re gone
But ymr@fedora:~$ nitropy fido2 status
Command line tool to interact with Nitrokey devices 0.11.3
Warning: This command only works with the Nitrokey FIDO2, not with other FIDO2
devices!
Critical error:
An unhandled exception occurred
Exception encountered: NoSoloFoundError(‘no Nitrokey FIDO2 found’)
(Attachment nitropy-20260315T075827-xde8bosf.log is missing)
]]>Regarding your question, I’m not aware of a documentation covering it. The concept of using and setting up a backup token depends on what features you use on it. In general you can say that for
- anything regarding FIDO2/passkeys: You create/register credentials for the backup the same way as you did for the primary. So, for the broken token you can simply create additional new credentials on a replacement token, while using your backup token to login.
- An exception is if you use the FIDO2 HMAC-SECRET extension, which can be setup on multiple tokens with a shared secret. This is a type of secret an application like KeepassXC uses, for example. If you use it but don’t have the secret used for setup anymore, the feasible way-out is to use your backup token and export the respective application data safely (keypassxc example). Then re-create with a new (again safely setup secret).
- A similar exception are older FIDO U2F secrets, e.g. often used to use a token to login on Linux. You would simply add a new U2F secret for the new token where used.
- HOTP/TOTP: you create new ones with the services, or device used. If you use HOTP with a Heads Nitropad, you need to reset it with the new (backup) token and rely on the TOTP secret meanwhile.
- Password safe: you need to manually duplicate the credentials for/from the/a backup. There is no functionality to import a list of password secrets to a new token, or export a list from a token.
- GPG: If you imported the secrets to the two tokens initially, you can simply redo that with a new token. If you did not import (but generated them on-device), you won’t have a backup since you cannot export secrets. In this case you create new ones and revoke the old ones (to keep it simple).
Depending on what you use and what you re-setup, the final step is to purge secrets linked to the broken token. So, for the FIDO2 secrets you need to identify the ones from the broken token and delete them where they are registered. Theoretically, you could just physically destroy the token, but you might not want to lose overview which credentials are active and obsolete over time. Some services allow you to name secrets (e.g. nitrokey 1, nitrokey 2) or add a comment (e.g. ssh -C “nitrokey 1”), that makes it easier.
Also good to keep in mind: the different PINs you use are token specific, i.e. there is no need to sync any PIN between primary and backup. It is perfectly feasible to have different (e.g. more complex) PIN on the backup token (since you usually store that out of sight). Once you need to use it, you can change PINs to what you consider feasible and secure enough for every day use.
]]>In der Administrator Übersicht bekomme ich folgende Einrichtungswarnung:
falsches Zeilenformat in Ihrer Datenbank gefunden. ROW_FORMAT=Dynamic bietet die beste Datenbankleistung für Nextcloud. Bitte aktualisieren Sie das Zeilenformat in der folgenden Liste: oc_talk_bridges, oc_notes_meta, oc_circles_event,…. lange Liste
Ist geplant, dass sich die Nextbox-(App/Deamon) irgendwann darum kümmert? Oder kann das mit occ irgendwie automatisch gelöst werden?
Der Dokumentationslink, der an der Fehlermeldung angebracht ist führt direkt zur Datenbankdokumentation (InnoDB). So richtig hilft die nicht weiter.
Ich habe den Eindruck, das ist nicht so einfach zu lösen. Die Dokumentation liest sich, als hätte das eigentlich sowieso bereits als “dynamic” angelegt werden müssen, und ich frage mich ob es absichtlich anders ist.
Weiß hier jemand etwas zu?
Grüße,
Thamos
]]>sudo shutdown -r now
Ansonsten wäre interessant, welche Version ihr von der Nextcloud jetzt drauf habt. Bei mir ging gestern auch das Update von Version 31.0.12 auf 31.0.14 schief. Die installierten Versionen kann man in ssh mit sudo docker image ls sehen.
I didnot touch the key.
I will try again ]]>
Now the Nextcloud was in maintenance mode. After an hour time, looking into the logs, the problem solved itself 
now.
(PS, i used the ssh access and worked inside the docker image.)
]]>Die offizielle Nextcloud-App auf meinem Telefon sagt: “ Server befindet sich im Wartungsmodus”
Die LED ist aber grün und nicht Lila. Entsprechend hat das einmalige betätigen des Reset-Buttons auch nichts bewirkt.
]]>First suggestion to rub with sudo does not work as below
mr@fedora:~$ sudo ~/.local/bin/nitropy fido2 reset
Command line tool to interact with Nitrokey devices 0.11.3
THIS COMMAND SHOULD NOT BE RUN AS ROOT!
Please install udev rules and run nitropy as regular user (without sudo).
We suggest using: https://raw.githubusercontent.com/Nitrokey/libnitrokey/master/data/41-nitrokey.rules
For more information, see: https://docs.nitrokey.com/software/nitropy/linux/udev.html
Set ALLOW_ROOT=1 environment variable to disable this warning.
Reset is only possible within 10secs after plugging in the device.
Please (re-)plug in your Nitrokey FIDO2 now!
Warning: Your credentials will be lost!!! continue? [(y)es/(n)o]: y
choosing: yes
Press key to confirm – again, your credentials will be lost!!!
y
Critical error:
Reset failed (CTAP error: 0x2F - USER_ACTION_TIMEOUT)
Did you confirm with a key-press 10secs after plugging in?
Please re-try…
Do you have the update feature in your Heads menu?
Yes.
If your current version is maximized then you should be able to internally update it.
In Heads the “System Info” shows that the NitroPad has the “maximized” Firmware v1.4:
Nitropad T430 (maximized)".
FW_VER: CBET4000 Heads-v1.4-2-g9…
Do I need an external flasher to update to the newest “maximized” Heads firmware v2.5?
If this would be the case: Can I update internally from a maximized firmware (without an external flasher) to the newest legacy Heads firmware V2.1?
The NitroPad T430 is my every day Notebook for work - so I have to be sure to not brick it.
]]>Bitte den Kommandozeilen-Updater verwenden, die Browser-Aktualisierung ist in der config.php deaktiviert.”
Das bekomme ich jetzt angezeigt, wenn ich über Firefox auf die NextBox zugreifen will.
Ich arbeite seit ein paar Monaten auf einem Linux-Rechner von Tuxedo und bin noch nicht so sicher in der Kommandozeile - will da nichts falsch machen. Und die Dokumentation von Nextcloud hat da jetzt auch keinen erhellenden Eintrag geliefert. Gibt es dazu hier einen hilfreichen Ratschlag?
]]>Today at 12:35 my Nextbox started to upgrade Nextcloud.
Since then I get the error, when I try to open the nextbox website. All connecting apps give me an http 500 error, too.
What I tried already:
Reboot of the nextbox
I have ssh access. But i did nothing special there. I noticed the admin page was complaining about some column format, but think this has nothing to do with the problem.
Is this update error already known, is nitrokey working on this?
I may send some logs, if you say which ones you need.
Regards, Thamos
]]>I still have my secondary. But I don’t understand the concept of buying a new one and making that my new primary. (Or using my secondary as my primary and making the new one my secondary once it arrives.) Is there documentation on this procedure? I’ve gotten very confused.
On your same qube are you able to make your Nitrokey work with https://webauthn.io/ ?
Additionally what is your Nitrokey firmware version?
]]>it requires admin rights if you did not do the cmd with sudo could you then try.
And also you could try the reset with chromium based browser.
]]>I’m trying to use https://confer.to in an AppVM in Qubes OS with Brave Browser.
I can only make it work on sys-usb.
When I try to use it in another VM, I connect to Confer.to with Brave Browser, Nitrokey 3C starts bliking blue, and after I touch it, I get this message:
```
Your device can’t be used with this site
confer.to might require a newer or different kind of device
```
41-nitrokey.rules
)
and successfully restarted services.
But I can’t use GUI app or Nitropy CLI to either set or change PINs.
nitropy fido2 reset gives error as cut and pasted fron log file
ymr@fedora:~$ ls /tmp/nitropy-20260313T163416-c1h9d2ul.log
/tmp/nitropy-20260313T163416-c1h9d2ul.log
ymr@fedora:~$ cat /tmp/nitropy-20260313T163416-c1h9d2ul.log
164 INFO pynitrokey.cli Timestamp: 2026-03-13 16:34:16.486146
165 INFO pynitrokey.cli OS: uname_result(system=‘Linux’, node=‘fedora’, release=‘6.19.6-200.fc43.x86_64
‘, version=’#1 SMP PREEMPT_DYNAMIC Thu Mar 5 00:10:35 UTC 2026’, machine=‘x86_64’)
165 INFO pynitrokey.cli Python version: 3.14.3
165 INFO pynitrokey.cli Cli arguments: [‘fido2’, ‘reset’]
165 INFO pynitrokey.cli pynitrokey version: 0.11.3
166 INFO pynitrokey.cli cryptography version: 46.0.5
166 INFO pynitrokey.cli fido2 version: 2.1.1
166 INFO pynitrokey.cli nethsm version: 2.0.1
167 INFO pynitrokey.cli nitrokey version: 0.4.2
167 INFO pynitrokey.cli pyusb version: 1.3.1
167 DEBUG root print: Reset is only possible within 10secs after plugging in the device.
167 DEBUG root print: Please (re-)plug in your Nitrokey FIDO2 now!
34507 DEBUG root print: choosing: yes
34507 DEBUG root print: Press key to confirm – again, your credentials will be lost!!!
34559 DEBUG fido2.hid.linux Failed opening device /dev/hidraw1
Traceback (most recent call last):
File “/home/ymr/.local/share/pipx/venvs/pynitrokey/lib64/python3.14/site-packages/fido2/hid/linux.py”, line
96, in list_descriptors
devices.append(get_descriptor(hidraw))
~~~~~~~~~~~~~~^^^^^^^^
File “/home/ymr/.local/share/pipx/venvs/pynitrokey/lib64/python3.14/site-packages/fido2/hid/linux.py”, line
53, in get_descriptor
with open(path, “rb”) as f:
~~~~^^^^^^^^^^^^
PermissionError: [Errno 13] Permission denied: ‘/dev/hidraw1’
34560 DEBUG fido2.hid.linux Failed opening device /dev/hidraw0
Traceback (most recent call last):
File “/home/ymr/.local/share/pipx/venvs/pynitrokey/lib64/python3.14/site-packages/fido2/hid/linux.py”, line
96, in list_descriptors
devices.append(get_descriptor(hidraw))
~~~~~~~~~~~~~~^^^^^^^^
File “/home/ymr/.local/share/pipx/venvs/pynitrokey/lib64/python3.14/site-packages/fido2/hid/linux.py”, line
53, in get_descriptor
with open(path, “rb”) as f:
~~~~^^^^^^^^^^^^
PermissionError: [Errno 13] Permission denied: ‘/dev/hidraw0’
34867 DEBUG fido2.hid Got keepalive status: 02
35119 DEBUG fido2.hid Got keepalive status: 02
35366 DEBUG fido2.hid Got keepalive status: 02
35614 DEBUG fido2.hid Got keepalive status: 02
35866 DEBUG fido2.hid Got keepalive status: 02
36114 DEBUG fido2.hid Got keepalive status: 02
36366 DEBUG fido2.hid Got keepalive status: 02
36614 DEBUG fido2.hid Got keepalive status: 02
36862 DEBUG fido2.hid Got keepalive status: 02
37115 DEBUG fido2.hid Got keepalive status: 02
37363 DEBUG fido2.hid Got keepalive status: 02
37615 DEBUG fido2.hid Got keepalive status: 02
37862 DEBUG fido2.hid Got keepalive status: 02
38111 DEBUG fido2.hid Got keepalive status: 02
38363 DEBUG fido2.hid Got keepalive status: 02
38611 DEBUG fido2.hid Got keepalive status: 02
38858 DEBUG fido2.hid Got keepalive status: 02
39111 DEBUG fido2.hid Got keepalive status: 02
39358 DEBUG fido2.hid Got keepalive status: 02
39611 DEBUG fido2.hid Got keepalive status: 02
39858 DEBUG fido2.hid Got keepalive status: 02
40106 DEBUG fido2.hid Got keepalive status: 02
40359 DEBUG fido2.hid Got keepalive status: 02
40607 DEBUG fido2.hid Got keepalive status: 02
40858 DEBUG fido2.hid Got keepalive status: 02
41107 DEBUG fido2.hid Got keepalive status: 01
41355 DEBUG fido2.hid Got keepalive status: 02
41607 DEBUG fido2.hid Got keepalive status: 02
41855 DEBUG fido2.hid Got keepalive status: 02
42103 DEBUG fido2.hid Got keepalive status: 02
42355 DEBUG fido2.hid Got keepalive status: 02
42603 DEBUG fido2.hid Got keepalive status: 02
42855 DEBUG fido2.hid Got keepalive status: 02
43103 DEBUG fido2.hid Got keepalive status: 02
43351 DEBUG fido2.hid Got keepalive status: 02
43603 DEBUG fido2.hid Got keepalive status: 02
43850 DEBUG fido2.hid Got keepalive status: 02
44103 DEBUG fido2.hid Got keepalive status: 02
44351 DEBUG fido2.hid Got keepalive status: 02
44599 DEBUG fido2.hid Got keepalive status: 02
44850 DEBUG fido2.hid Got keepalive status: 02
45099 DEBUG fido2.hid Got keepalive status: 02
45347 DEBUG fido2.hid Got keepalive status: 02
45599 DEBUG fido2.hid Got keepalive status: 02
45846 DEBUG fido2.hid Got keepalive status: 02
46098 DEBUG fido2.hid Got keepalive status: 02
46347 DEBUG fido2.hid Got keepalive status: 02
46595 DEBUG fido2.hid Got keepalive status: 02
46846 DEBUG fido2.hid Got keepalive status: 02
47095 DEBUG fido2.hid Got keepalive status: 02
47347 DEBUG fido2.hid Got keepalive status: 02
47594 DEBUG fido2.hid Got keepalive status: 02
47842 DEBUG fido2.hid Got keepalive status: 02
48095 DEBUG fido2.hid Got keepalive status: 02
48343 DEBUG fido2.hid Got keepalive status: 02
48591 DEBUG fido2.hid Got keepalive status: 02
48842 DEBUG fido2.hid Got keepalive status: 02
49091 DEBUG fido2.hid Got keepalive status: 02
49343 DEBUG fido2.hid Got keepalive status: 02
49591 DEBUG fido2.hid Got keepalive status: 02
49838 DEBUG fido2.hid Got keepalive status: 02
50091 DEBUG fido2.hid Got keepalive status: 02
50339 DEBUG fido2.hid Got keepalive status: 02
50586 DEBUG fido2.hid Got keepalive status: 02
50839 DEBUG fido2.hid Got keepalive status: 02
51087 DEBUG fido2.hid Got keepalive status: 02
51338 DEBUG fido2.hid Got keepalive status: 02
51587 DEBUG fido2.hid Got keepalive status: 02
51834 DEBUG fido2.hid Got keepalive status: 02
52086 DEBUG fido2.hid Got keepalive status: 02
52335 DEBUG fido2.hid Got keepalive status: 02
52583 DEBUG fido2.hid Got keepalive status: 02
52834 DEBUG fido2.hid Got keepalive status: 02
53082 DEBUG fido2.hid Got keepalive status: 02
53335 DEBUG fido2.hid Got keepalive status: 02
53583 DEBUG fido2.hid Got keepalive status: 02
53831 DEBUG fido2.hid Got keepalive status: 02
54082 DEBUG fido2.hid Got keepalive status: 02
54330 DEBUG fido2.hid Got keepalive status: 02
54583 DEBUG fido2.hid Got keepalive status: 02
54831 DEBUG fido2.hid Got keepalive status: 02
55079 DEBUG fido2.hid Got keepalive status: 02
55330 DEBUG fido2.hid Got keepalive status: 02
55578 DEBUG fido2.hid Got keepalive status: 02
55826 DEBUG fido2.hid Got keepalive status: 02
56078 DEBUG fido2.hid Got keepalive status: 02
56326 DEBUG fido2.hid Got keepalive status: 02
56578 DEBUG fido2.hid Got keepalive status: 02
56826 DEBUG fido2.hid Got keepalive status: 02
57075 DEBUG fido2.hid Got keepalive status: 02
57326 DEBUG fido2.hid Got keepalive status: 02
57574 DEBUG fido2.hid Got keepalive status: 02
57827 DEBUG fido2.hid Got keepalive status: 02
58074 DEBUG fido2.hid Got keepalive status: 02
58322 DEBUG fido2.hid Got keepalive status: 02
58575 DEBUG fido2.hid Got keepalive status: 02
58823 DEBUG fido2.hid Got keepalive status: 02
59071 DEBUG fido2.hid Got keepalive status: 02
59322 DEBUG fido2.hid Got keepalive status: 02
59571 DEBUG fido2.hid Got keepalive status: 02
59823 DEBUG fido2.hid Got keepalive status: 02
60071 DEBUG fido2.hid Got keepalive status: 01
60319 DEBUG fido2.hid Got keepalive status: 02
60570 DEBUG fido2.hid Got keepalive status: 02
60819 DEBUG fido2.hid Got keepalive status: 02
61067 DEBUG fido2.hid Got keepalive status: 02
61319 DEBUG fido2.hid Got keepalive status: 02
61567 DEBUG fido2.hid Got keepalive status: 02
61818 DEBUG fido2.hid Got keepalive status: 02
62067 DEBUG fido2.hid Got keepalive status: 02
62315 DEBUG fido2.hid Got keepalive status: 02
62566 DEBUG fido2.hid Got keepalive status: 02
62814 DEBUG fido2.hid Got keepalive status: 02
63062 DEBUG fido2.hid Got keepalive status: 02
63314 DEBUG fido2.hid Got keepalive status: 02
63562 DEBUG fido2.hid Got keepalive status: 02
63815 DEBUG fido2.hid Got keepalive status: 02
64062 DEBUG fido2.hid Got keepalive status: 02
64310 DEBUG fido2.hid Got keepalive status: 02
64562 DEBUG fido2.hid Got keepalive status: 02
64810 DEBUG fido2.hid Got keepalive status: 02
64898 DEBUG root print: Critical error:
64899 DEBUG root print: Reset failed (CTAP error: 0x2F - USER_ACTION_TIMEOUT)
64899 DEBUG root print: Did you confirm with a key-press 10secs after plugging in?
64899 DEBUG root print: Please re-try…
64899 DEBUG root listing all connected devices:
64906 DEBUG root :: ‘Nitrokey FIDO2’ keys
64906 DEBUG root :: ‘Nitrokey Start’ keys:
64935 DEBUG root :: ‘Nitrokey 3’ keys
64970 DEBUG root /dev/hidraw2: Nitrokey 3 2FBBC03B466539589D5F7025C246E0D4
64970 DEBUG root :: ‘Nitrokey Passkey’ keys
64979 DEBUG root print: ----------------------------------------------------------------------------
64979 DEBUG root print: Critical error occurred, exiting now
64979 DEBUG root print: Unexpected? Is this a bug? Would you like to get support/help?
64979 DEBUG root print: - You can report issues at: https://support.nitrokey.com/
64979 DEBUG root print: - Writing an e-mail to [email protected] is also possible
64979 DEBUG root print: - Please attach the log: ‘/tmp/nitropy-20260313T163416-c1h9d2ul.log’ with an
y support/help request!
64979 DEBUG root print: - Please check if you have udev rules installed:
The key was defective indeed. Sh.. happens. Got a replacement which works as expected.
Excellent support 
openssl verify -CAfile <path> -untrusted <csr>.pem <csr>.pem ]]>If not, can you provide me with the details to reproduce the bug ?
Then I will try and report it.
]]>In my current case, I don’t know what happened, because my friend didn’t know what was important. So he can’t say how the led was blinking.
I would test the reset trigger myself, but my own Nextbox is in productive use for my family, so I can’t conduct such experiments on it. The Nextbox belonging to my friend has been taken apart for file recovery. In a few weeks, when I’m finished with that, I may test the soft reset.
Ok, i got it fixed upstreams. The fixed registration and authentication and took it only on meta.discourse.com is there any way to tag somebody who can update the forum?
just trying to get attention to the forum updated; Couldnt find a better category
]]>is there any way to tag somebody who can update the forum?
]]>Also when the button is pressed you can notice it because the led will become solid blue.
]]>For the size if I’m not mistaking it should be DC Jack 5.5mm * 2.1-2.5mm.
]]>