Librem Key: Password too Long, Card not available

I just bought a 15v4 with Librem Key, and ran into some issues with key setup.
Hopefully this thread will help you avoid my same issues.

FIRST PROBLEM

user@user:~$ gpg --card-status
gpg: selecting openpgp failed: No such device
gpg: OpenPGP card not available: No such device

gpg --card-status and gpg --card-edit require you to run as ROOT. Apparently the first batch of US-manufactured Librem Keys’ USB IDs haven’t yet been added to upstream, which causes this error.

user@user:~$ sudo gpg --card-status #should work for you

One pitfall of having to run GPG as root: It redirects the program from the normal .gnupg folder stored at /home/user/.gnupg to /root/.gnupg … Do your gpg keygen as a normal user (NOT root), and then copy the .gnupg folder to /root so that you will be able to perform gpg keytocard when running later.

:~$ sudo cp -r ~/.gnupg /root
:~$ sudo gpg --expert --edit-key #yourkeyID
keytocard

SECOND PROBLEM

Your Admin password must be 25 characters or less in order for Heads to accept it. Otherwise you get an error, code 26, password too long. Also, the number pad doesn’t work in Heads.

I’m working on a full documentation, setting up a brand new version 4 laptop with Librem Key, Heads, and Qubes, complete with screencapture and pics of Pureboot and Heads screens, so stay tuned!

4 Likes
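Added example, not part of the original post: a shell check for the first problem that maps a USB ID from `lsusb` output to its device node and reports whether the current, non-root user can open it. A key that is listed but "root-only" matches the symptom of `gpg --card-status` working only under sudo. The ID `1234:abcd`, the sample `lsusb` text and the function names are constructed for illustration; the thread does not give the Librem Key's real USB ID.

```shell
#!/bin/sh
# Constructed sample `lsusb` output; 1234:abcd is a placeholder ID.
SAMPLE_LSUSB='Bus 001 Device 002: ID 8087:0a2b Intel Corp.
Bus 001 Device 005: ID 1234:abcd Example Security Key
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub'

# usb_node_for_id LSUSB_TEXT VID:PID [DEV_ROOT]
# Prints the device node of the first matching ID; returns 1 if none matches.
usb_node_for_id() {
    dev_root=${3:-/dev/bus/usb}
    printf '%s\n' "$1" | awk -v id="$2" -v root="$dev_root" '
        $1 == "Bus" && $3 == "Device" && tolower($6) == tolower(id) {
            dev = $4; sub(/:$/, "", dev)      # "005:" -> "005"
            printf "%s/%s/%s\n", root, $2, dev
            found = 1; exit
        }
        END { exit(found ? 0 : 1) }'
}

# classify_access NODE
# Prints "missing" (no such node), "ok" (current user can read and write it)
# or "root-only" (node exists but this user cannot open it read-write).
classify_access() {
    if [ ! -e "$1" ]; then
        echo missing
    elif [ -r "$1" ] && [ -w "$1" ]; then
        echo ok
    else
        echo root-only
    fi
}

# diagnose LSUSB_TEXT VID:PID [DEV_ROOT]
# Prints "<status> <node>", or "not-plugged-in" when the ID is not listed.
diagnose() {
    node=$(usb_node_for_id "$1" "$2" "$3") || { echo not-plugged-in; return 1; }
    echo "$(classify_access "$node") $node"
}

# Stand-alone use: pass the ID to check against the live `lsusb` output.
if [ $# -gt 0 ]; then
    diagnose "$(lsusb)" "$1"
fi
```

Run it as the normal user, not under sudo, since root can open the node regardless of its permissions.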

Ouch. I wonder what is the reason for this limit? Xkcd-style passwords are much longer…

@MrChromebox Ping! :smile:

Which specific admin pin is giving you that limitation? The TPM admin password? The Librem Key admin password you use when setting up HOTP? The GPG Admin password?

The Librem Key allows for longer passwords during GPG setup, although I didn’t test the upper limit. I was getting the error during TPM reset, after HOTP QR code, when it asks for the Librem Key Admin Password. Error code 26

That makes sense. There’s an upper limit on the length of the admin PIN. Here is the explanation from Nitrokey’s FAQ:

Nitrokey uses PINs instead of passwords. The main difference is that the hardware limits the amount of tries to three while a limit doesn’t exist for passwords. Because of this, a short PIN is still secure and there is no need to choose a long and complex PIN.

Nitrokey Pro’s and Storage’s PINs can be up to 20 digits long and can consist of numbers, characters and special characters. Note: When using GnuPG or OpenSC, 32 character long PINs can be used but aren’t supported by Nitrokey App.

Question answered, thanks!

Please document this size limit on the Librem Key documentation.
Also document the fact that 3 failed attempts will lock your PIN.

You can find instructions how to solve this here.