Closed mirko closed 18 hours ago
I see no error in you logs.
If I understand correctly the problem is when you use scdaemon. When you use pcscd it all works fine. Exact?
No, the other way round. "What result do you expect?" shows the (correct) scdaemon output. "What result do you get instead?" shows gpg-agent using the libpcsc while pcscd is running (linked log corresponds to that one).
I think you inverted the 2 situations. Case 1: it works fine
Case 2: does not work
All I can do is paste what I'm doing and seeing:
user@COMPUTER:~$ ps faux | grep -iE "(pcsc|scdaemon)"
user 3244491 0.0 0.0 6708 2304 pts/20 S+ 19:26 0:00 | \_ grep -iE (pcsc|scdaemon)
user@COMPUTER:~$ /usr/bin/gpg --card-status
Reader ...........: 1050:0407:X:0
Application ID ...: X
Application type .: OpenPGP
Version ..........: 3.4
Manufacturer .....: Yubico
user@COMPUTER:~$ ps faux | grep -iE "(pcsc|scdaemon)"
user 3244534 0.0 0.0 164228 4352 ? SLl 19:27 0:00 \_ scdaemon --multi-server
user 3244542 0.0 0.0 6708 2304 pts/20 S+ 19:27 0:00 | \_ grep -iE (pcsc|scdaemon)
That is a completely different user name here: Reader ...........: 1050:0407:X:0
See https://blog.apdu.fr/posts/2024/04/gnupg-and-pcsc-conflicts-episode-2/
Okay, this is confusing. I'll report back once I sorted things out. Thanks and sorry for the noise.
Versions
Platform
Issue
$ cat .gnupg/gnupg-pkcs11-scd.conf
PKCS#11 provider
providers opensc provider-opensc-library /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so
$ gpg --card-status
$ gpg --card-status Reader ...........: Yubico YubiKey OTP FIDO CCID 00 00 Application ID ...: PURGED Application type .: OpenPGP Version ..........: 3.4 Manufacturer .....: Yubico Serial number ....: 23793478 Name of cardholder: [not set] Language prefs ...: [not set] Salutation .......: URL of public key : [not set] Login data .......: [not set] Signature PIN ....: not forced Key attributes ...: ed25519 cv25519 ed25519 Max. PIN lengths .: 127 127 127 PIN retry counter : 3 0 3 Signature counter : 0 KDF setting ......: on Signature key ....: PURGED created ....: 2024-06-22 12:24:21 Encryption key....: PURGED created ....: 2024-06-22 12:26:16 Authentication key: PURGED created ....: 2024-06-22 12:24:36 General key info..: sub ed25519/PURGED sec# ed25519/PURGED created: 2024-06-22 expires: never ssb> ed25519/PURGED created: 2024-06-22 expires: 2029-06-21 PURGED card-no: 0006 23793478 ssb> ed25519/PURGED created: 2024-06-22 expires: 2029-06-21 PURGED card-no: 0006 23793478 ssb> cv25519/PURGED created: 2024-06-22 expires: 2029-06-21 card-no: 0006 23793478
$ gpg --card-status gpg: WARNING: server 'scdaemon' is older than us (0.10.0 < 2.2.40) gpg: Note: Outdated servers may lack important security fixes. gpg: Note: Use the command "gpgconf --kill all" to restart them. Reader ...........: [none] Application ID ...: PURGED Application type .: OpenPGP Version ..........: 11.50 Manufacturer .....: ? Serial number ....: 609B28DD Name of cardholder: [not set] Language prefs ...: [not set] Salutation .......: URL of public key : [not set] Login data .......: [not set] Signature PIN ....: forced Key attributes ...: rsa48 rsa48 rsa48 Max. PIN lengths .: 0 0 0 PIN retry counter : 0 0 0 Signature counter : 0 Signature key ....: [none] Encryption key....: [none] Authentication key: [none] General key info..: [none]
There was an error creating your Issue: body is too long (maximum is 65536 characters).