Feature Request: Add a --card parameter

Romain Griffiths romain.griffiths at gmail.com
Sat Jan 22 09:57:03 CET 2022


When having several identical Yubikeys, it's not possible to choose
among them in a deterministic way.
 I use different local user for daily work and admin. I want 2
different Yubikeys to hold the keys for those identities, and have the
2 yubikeys plugged all-time.

I can't use the reader-port parameter for this as both card reports
the same reader name.
$ echo scd getinfo reader_list | gpg-connect-agent --decode
D 1050:0407:X:0
D 1050:0407:X:0

I did not succeed using the port number under usb neither, and I guess
this number would change depending on the insertion order of the

Instead I would like to use the Application ID in gnupg/card_list
$ echo scd getinfo card_list | gpg-connect-agent
S SERIALNO D2760001240103040006XXXXXXXX0000

e.g. setting up in scdaemon.conf:
card D2760001240103040006XXXXXXXX0000
would select only this Yubikey for scdaemon operations.

scdaemon should also not lock the other readers to that several log-in
users could use their own Yubikey.

Thank you.


More information about the Gnupg-devel mailing list