Smartcard Hotplug?
Marc Mercer
mmercer at twinprime.com
Thu Nov 5 09:06:47 CET 2015
Niibe,
Thank you so much for your help! I now have a working hotplug scenario via
pcscd, and the rest of my functions are working now as well. I could not
be happier.
I will document the process on my blog later tonight so that others can
benefit from the info. Hopefully it should save you some troubles as users
struggle to get the right combination of configs in place.
It fixed my cryptostick as well, so I am ecstatic :)
-Marc
Marc Mercer | *DevOps Architect*
M: (408) 470 - 9256 | E: mmercer at twinprime.com
805 Veterans Blvd, Redwood City CA 94063 | http://www.twinprime.com
On Wed, Nov 4, 2015 at 4:03 PM, NIIBE Yutaka <gniibe at fsij.org> wrote:
> Hello,
>
> I pushed my change for the issue of internal CCID driver of GnuPG.
>
>
> http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=1e94a672efb8bf66f416bc63bf6670e509a21fe5
>
> It will be in the next release (2.1.10). I think that this change
> fix the issue on Fedora with internal CCID driver of GnuPG.
>
> I tried with my Yubikey, but I realized that my device is
>
> Yubico Yubikey NEO OTP+U2F
>
> ... with lack of CCID (and OpenPGPcard) support.
>
>
> On 11/05/2015 02:08 AM, Marc Mercer wrote:
> > With disable-ccid, I of course had no actual pcscd service, so
> determined I
> > needed to install pcsc-lite,
> > not just the libs. Installed that, enabled the service, set disable-ccid
> > in the scdaemon.conf and attempted
> > to use gpg2 --card-status, and we are not loading at all at this point.
> I
> > would imagine that has to do with
> > the fact that there is no pscs configuration for this card right now, so
> I
> > will see if I can dig around and find that.
>
> Looking the repository (pkgs.fedoraproject.org), I think that you also
> need to install "pcsc-lite-ccid" package to access the device.
>
> > Here is what I am seeing in the debug log with disable-ccid%:
> >
> > 2015-11-04 09:06:56 scdaemon[29294] listening on socket
> > '/home/mmercer/.gnupg/S.scdaemon'
> > 2015-11-04 09:06:56 scdaemon[29294] handler for fd -1 started
> > 2015-11-04 09:06:56 scdaemon[29294] DBG: enter: apdu_open_reader:
> > portstr=(null)
> > 2015-11-04 09:06:56 scdaemon[29294] pcsc_list_readers failed: unknown
> PC/SC
> > error code (0x8010002e)
> > 2015-11-04 09:06:56 scdaemon[29294] DBG: leave: apdu_open_reader =>
> slot=-1
> > [pc/sc]
> > 2015-11-04 09:06:56 scdaemon[29294] DBG: chan_5 -> OK GNU Privacy Guard's
> > Smartcard server ready
> > 2015-11-04 09:06:56 scdaemon[29294] DBG: chan_5 <- GETINFO socket_name
> > 2015-11-04 09:06:56 scdaemon[29294] DBG: chan_5 -> D
> > /home/mmercer/.gnupg/S.scdaemon
> > 2015-11-04 09:06:56 scdaemon[29294] DBG: chan_5 -> OK
> > 2015-11-04 09:06:56 scdaemon[29294] DBG: chan_5 <- OPTION event-signal=12
> > 2015-11-04 09:06:56 scdaemon[29294] DBG: chan_5 -> OK
> > 2015-11-04 09:06:56 scdaemon[29294] DBG: chan_5 <- SERIALNO openpgp
> > 2015-11-04 09:06:56 scdaemon[29294] DBG: enter: apdu_open_reader:
> > portstr=(null)
> > 2015-11-04 09:06:56 scdaemon[29294] pcsc_list_readers failed: unknown
> PC/SC
> > error code (0x8010002e)
> > 2015-11-04 09:06:56 scdaemon[29294] DBG: leave: apdu_open_reader =>
> slot=-1
> > [pc/sc]
> > 2015-11-04 09:06:56 scdaemon[29294] DBG: chan_5 -> ERR 100663404 Card
> error
> > <SCD>
> > 2015-11-04 09:06:56 scdaemon[29294] DBG: chan_5 <- RESTART
> > 2015-11-04 09:06:56 scdaemon[29294] DBG: chan_5 -> OK
>
> Thanks. It is expected result (given the condition there's no libccid).
> --
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20151105/be33e9ee/attachment-0001.html>
More information about the Gnupg-devel
mailing list