Getting Started¶
Install OpenSC. You need at least version 0.19. You can find recent builds for debian-based systems like Ubuntu here if your system does not have the newest version of OpenSC. Alternatively, install this driver (source).
Install OpenSC. Alternatively, install this driver (source).
On some macOS versions, OpenSC fails to find the CCID library of the operating system. In this case OpenSC tools will show
Unresponsive Carderrors. The problem can be fixed by either copying or symlinking the directory/usr/libexec/SmartCardServicesto/usr/local/libexec/SmartCardServices. A reboot after this change is mandatory to make the new library to be recognized.Define SO-PIN and PIN of your own choices. See these instructions. Afterwards you can begin to generate new keys.
Your Nitrokey is now ready to use.
There is nitrotool as a more comfortable frontend to OpenSC. (hsmwiz)
Embedded Systems: For systems with minimal memory footprint a read/only PKCS#11 module is provided by the sc-hsm-embedded project.
This PKCS#11 module is useful for deployments where key generation at the user’s workplace is not required. The PKCS#11 module also supports major electronic signature cards available in the German market.
OpenSCDP: The SmartCard-HSM is fully integrated with OpenSCDP, the open smart card development platform. See the public support scripts for details.