Firmware Update#

(Nitrokey 3 - Linux)

This guide describes how to update the firmware on the Nitrokey 3.

Important

Currently updating the firmware will delete all user data! Make sure you have proper backup login methods enabled and/or ensure that the Nitrokey 3 is not the only way to authenticate/2FA for your applications/services.

How to Update#

Important

Never disconnect the Nitrokey 3 or abort the process while updating, this will likely render your device useless!

  1. Make sure you have the latest pynitrokey version installed, please check the installation instructions for your OS.

  2. Run nitropy nk3 update.

  3. Touch device to activate bootloader (once instructed by nitropy).

  4. macOS only: Run update command again (once instructed by nitropy).

  5. Wait 3-10mins on macOS/Linux, 12-25mins on Windows.

  6. The update is finished.

  7. Optional: run nitropy nk3 test to check if device is working properly after flashing.

In case of any errors please take the logs from /tmp directory (/tmp/nitropy.log.*).

Troubleshooting:#

Issue: I get permission denied for /dev/hidrawX during update.

This likely means your user has not the needed permissions to read/write the device. Please make sure you have set up the correct udev-rules. Download this udev-rules set and place it in your udev rules directory (e.g., /etc/udev/rules.d). Then remove your Nitrokey 3 from the USB slot and run: udevadm control --reload-rules && udevadm trigger or reboot your machine. Afterwards the update should work without the permission issue.