When using gnupg to sign a bunch of files the PIN of my Nitrokey is asked once, and then it will remain unlocked for some time (I think 10 minutes or something). This is convenient when signing things in bulk.
When using pkcs11 URI's for signing via e.g. sbsign or the kernels scripts/sign-file the PIN is asked every time, even though after the first time the card is already unlocked. Consecutive requests for the PIN can be passed by simply pressing enter, so even though the PIN is requested it is not required. This is super inconvenient, and makes signing files in bulk a pain.
I've looked through some manuals for a config option that will maybe make this do what I want but I couldn't find anything. Is it somehow possible to prevent opensc/libp11 from asking for the PIN if the card is already in an unlocked state?
When using gnupg to sign a bunch of files the PIN of my Nitrokey is asked once, and then it will remain unlocked for some time (I think 10 minutes or something). This is convenient when signing things in bulk.
When using pkcs11 URI's for signing via e.g.
sbsignor the kernelsscripts/sign-filethe PIN is asked every time, even though after the first time the card is already unlocked. Consecutive requests for the PIN can be passed by simply pressing enter, so even though the PIN is requested it is not required. This is super inconvenient, and makes signing files in bulk a pain.I've looked through some manuals for a config option that will maybe make this do what I want but I couldn't find anything. Is it somehow possible to prevent opensc/libp11 from asking for the PIN if the card is already in an unlocked state?