Way to use existing scdaemon

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Feb 21 05:08:33 CET 2017


On Mon 2017-02-20 21:53:40 -0500, Daurnimator wrote:
> I want to be able to run scdaemon as my own user daemon (without
> running gpg-agent).
> This isn't a problem, except that you can't really run more than one
> scdaemon at once.
> So if some misc program starts gpg-agent, then gpg-agent starts its
> *own* scdaemon, which doesn't work as intended due to the first one
> already having e.g. my smart card open.
> ==> I'd like an option to put in my gpg-agent.conf to tell it to try
> to find a 'scdaemon --multi-server' socket ready and waiting
> somewhere.
>
>> You can use all scdaemon commands via gpg-agent by prefixing the command
>> with "SCD ", like this
>>
>>   $ gpg-connect-agent
>>   > scd apdu --atr
>>   S CARD-ATR 3BDA11FF81B1FE551F0300318473800180009000E4
>>   OK
>
> I'm hoping to not run gpg-agent.

you've said twice in here that you don't want to run gpg-agent, but
people here have already told you that scdaemon is really designed to be
supervised by gpg-agent.  And it sounds like you're likely to have an
instance of gpg-agent running anyway, so it's not like you are trying to
build a machine that doesn't have gpg-agent installed at all, either.

So it kind of sounds like the old routine where the patient says "doc,
it hurts when i do this," and the doctor says "well, don't do that then"
:P

Maybe you've got a good reason to want to run scdaemon without running
gpg-agent, but we don't know what it is.  Can you explain a bit more why
running gpg-agent to supervise scdaemon is a problem for you?

        --dkg