smartcard howto notes

Brian Gough bjg at
Sat May 7 13:22:17 CEST 2005

Hash: SHA1

I worked through the smartcard howto in debian stable
setting up a reader for my FSFE cryptocard. Below
are some notes, I had some problems with hotplug
but did get it working -- very cool.

- -- 
Brian Gough

Network Theory Ltd,
Publishing Free Software Manuals ---

- ----------------------------------------------------------------------

- - Section 2.2. Required Hardware

SCM card readers can be purchased online in the UK from

- - 2.2.1. A List of tested Readers

The description for SCM Microsystems SPR532 says

   The pinpad may be used to securely enter the PIN
  without using the attached computer.

With GPG 1.4.1, I am prompted to enter the pin on the tty.  Is secure
entry supported?  I'd like to use this feature (I bought an SPR532
based on this).  If not, suggest adding a note about the actual
supported/unsupported status.

- - Section 2.3.1. CCID (Chip Card Interface Description)

The hotplug package in Debian stable requires all the numbers in
gnupg-ccid.usermap to have a 0x prefix, otherwise it gives an
"unparseable line" error and the 


    gnupg-ccid 0x0003 0x04e6 0xe003 0x0 0x0 0x0 0x0 0x00 0x0B 0x00 0x00 0x00000000

instead of

    gnupg-ccid  0x0003  0x04e6 0xe003 0 0 0 0 0x00 0x0B 0x00 0x00 0x00000000

If hotplug is not working then gpg gives the following error when
accessing the card,

    gpg: apdu_open_reader: failed to open driver `': cannot open shared object file: No such file or

Initially I tried installing the pcsc packages to get rid of the
error.  Could be worth adding a note that these are not needed for USB

- - CVS access

On ://  there is a link
"The smartcard howto is also available via CVS"

I couldn't find the original source, I tried checking out "gnupg-www"  
but it seems to contain derived files in gnupg-www/howtos/card-howto/en
according to the README there.

- ----------------------------------------------------------------------
Version: GnuPG v1.2.4 (GNU/Linux)


More information about the Gnupg-devel mailing list