Surprising gnupg-agent action with OpenPGP card
Werner Koch
wk at gnupg.org
Sun Sep 16 12:23:35 CEST 2007
On Fri, 14 Sep 2007 22:47, jam at jamux.com said:
> gpg: DBG: connection to agent established
> gpg: OpenPGP card not available: No SmartCard daemon
Either scdaemon is not installed or gpg-agent is not able to start it.
Also check that gpg-agent.conf does not have the option
--disable-scdaemon active.
> and nothing from 'debug-ccid-driver' while 'gpg --card-status' works
Well, if gpg can't use scdaemon it falls back to its own code. It needs
to use scdaemon via gpg-agent because scdaemon would have opened the
card reader and it requires exclusive access to it.
> Apparently gnome starts '/usr/bin/gpg-agent --daemon --sh' on login to
> the new user account. On Debian, /usr/bin/scdaemon is installed by
> the gpgsm package which is depended upon by the gnupg-agent package.
Add debugging to gpg-agent; using verbose and log-file in gpg-agent.conf
could suffice. You might also want to use the watchgnupg daemon, which is a
smarter way of looking at the log files because all log output from the
daemons is collected in one stream. I usually have an xterm running
with "watchgnupg --force ~/.gnupg/S.log" and a
"log-file socket:///home/foo/.gnupg/S.log"
in {gpg-agent,gpgsm,scdaemon,dirmngr}.conf. For this. gpg2 you need to
have a separate conf file ("gpg.conf-2") if you want to have this log
option so that can still use .
Use gpg-connect-agent for debugging: "gpg-connect-agent -v" gives
a prompt. You may enter there "/help" for some advanced commands, but in
general you will use:
SCD SERIALNO
The "SCD" is a prefix which lets gpg-agent pass the rest of the line
verbatim to scdaemon; that is, it is the same as starting "scdaemon
--server". For a list of the commands available see the gnupg info page.
Shalom-Salam,
Werner
--
Thoughts are free. Exceptions are regulated by a federal law.
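
A small check for the gpg-agent.conf points raised in the message above (disable-scdaemon, verbose, log-file), as an added example that is not part of the original post. The function names `conf_option` and `audit_agent_conf` and the sample file are assumptions made for illustration.

```shell
# conf_option FILE NAME: succeed if option NAME is active in FILE and print
# its argument. Lines starting with '#' are comments; conf files name options
# without the leading "--" used on the command line.
conf_option() {
    awk -v opt="$2" '
        /^[ \t]*(#|$)/ { next }
        {
            name = $1
            sub(/^--/, "", name)      # tolerate a pasted "--option"
            if (name == opt) { found = 1; $1 = ""; sub(/^[ \t]+/, ""); value = $0 }
        }
        END { if (found) print value; exit !found }
    ' "$1"
}

# audit_agent_conf FILE: report on the three settings; return non-zero when
# disable-scdaemon is active, because gpg-agent then cannot start scdaemon.
audit_agent_conf() {
    conf=$1 status=0
    if conf_option "$conf" disable-scdaemon >/dev/null; then
        echo "FAIL: disable-scdaemon is active; gpg-agent will not start scdaemon"
        status=1
    else
        echo "ok:   disable-scdaemon is not set"
    fi
    if conf_option "$conf" verbose >/dev/null; then
        echo "ok:   verbose is set"
    else
        echo "note: add 'verbose' for more detail in the log"
    fi
    if log=$(conf_option "$conf" log-file); then
        echo "ok:   log-file $log"
    else
        echo "note: no log-file; add e.g. 'log-file socket:///home/foo/.gnupg/S.log'"
    fi
    return $status
}

# Constructed sample config (not from the original message).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# disable-scdaemon
verbose
log-file socket:///home/foo/.gnupg/S.log
EOF
audit_agent_conf "$sample"
rm -f "$sample"
```

Point it at the real file with `audit_agent_conf ~/.gnupg/gpg-agent.conf`.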