I've got a pretty basic password/OTP setup on macOS:
- my YubiKey has the sig/aut/enc subkeys to encrypt/decrypt my passwords in the password store
- my OTPs are solely on my YubiKey - I use the YubiKey Authenticator macOS app to generate them
This setup works pretty well except for some weird issues:
- if I insert the YubiKey and I generate an OTP via the YubiKey Authenticator, I can't decrypt passwords anymore as the gpg-agent/pinentry doesn't recognize the card anymore.
- if I insert the YubiKey and unlock the card to decrypt a password, the YubiKey Authenticator app no longer recognizes the YubiKey.
This results in having to unplug/plug in the YubiKey several times daily, which is annoying.
Any tips on where the issue could come from?
gpg
and once the YubiKey is recognized in one, it can't be recognized in the other. I can't recall if it's Authenticator or not
gpg having access to the hardware key, but not both (I don't know if it's the Yubico Authenticator, but it is one of the GUI apps, as the Yubico CLI apps don't create access issues that I've found)