smartcard signing does not work in VM (in contrast to decryption and authentication)

Hauke Laging mailinglisten at hauke-laging.de
Wed May 26 02:05:31 CEST 2010


Hello,

I experience a strange problem. I have bought a smartcard in order to have my 
keys available at work without storing my keys there.

I can decrypt files using the smartcard and I can log into my home system via 
SSH and the smartcard but if I try to sign a file then I get an error message 
after entering the PIN at the card reader.

I don't have the shell output available as I just tried this at home. Using 
the same smartcard and the same cardreader I can sign files so it seems not to 
be a hardware problem.

This is from the log file, in German though:


2010-05-19 15:15:13 gpg-agent[4920] Handhabungsroutine 0xb786fa58 für den fd 8 
beendet
2010-05-19 15:15:35 gpg-agent[8699] Handhabungsroutine 0xb78a3b60 für fd 8 
gestartet
2010-05-19 15:15:35 gpg-agent[8699] new connection to SCdaemon established 
(reusing)
gpg-agent[8699.9] DBG: -> SERIALNO openpgp
gpg-agent[8699.9] DBG: <- S SERIALNO D27600012401020000050000047B0000 0
gpg-agent[8699.9] DBG: <- OK
gpg-agent[8699.9] DBG: -> SERIALNO openpgp
gpg-agent[8699.9] DBG: <- S SERIALNO D27600012401020000050000047B0000 0
gpg-agent[8699.9] DBG: <- OK
gpg-agent[8699.9] DBG: -> SETDATA 7AB58F01073D0FC253E898F06D9B22...
gpg-agent[8699.9] DBG: <- OK
gpg-agent[8699.9] DBG: -> PKSIGN 
D27600012401020000050000047B0000/8112FDF77EC342B0B125E0D55BA0F8B53A403251
gpg-agent[8699.9] DBG: <- INQUIRE POPUPKEYPADPROMPT ||Bitte die PIN 
eingeben%0A[Sigs erzeugt: 0]
2010-05-19 15:15:47 gpg-agent[8699] starting a new PIN Entry
2010-05-19 15:15:47 gpg-agent[8699] DBG: connection to PIN entry established
gpg-agent[8699.9] DBG: -> END
gpg-agent[8699.9] DBG: <- INQUIRE DISMISSKEYPADPROMPT
gpg-agent[8699.9] DBG: -> END
gpg-agent[8699.9] DBG: <- ERR 100696113 Eingabe-/Ausgabefehler <SCD>
gpg-agent[8699.9] DBG: -> RESTART
gpg-agent[8699.9] DBG: <- OK

"Eingabe-/Ausgabefehler" (last line but two) is "I/O error". That is 
approximately the shell error message.


I use 2.0.15 on both systems, openSUSE 11.2 each. The most obvious difference 
is that my home system runs on hardware and the work system in VMware 2 (host 
system openSUSE 11.1).

Thus USB timing may be slightly different but resulting in failure does not 
make any sense to me. Luckily decryption and authentication are the two 
features I really need there... ;-)  But perhaps somebody has an idea how to 
let me sign there, too.


CU

Hauke
-- 
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 555 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20100526/ef43c69e/attachment.pgp>


More information about the Gnupg-users mailing list