Card only available to root user

Luis de Bethencourt luis at debethencourt.com
Fri Aug 5 10:25:33 CEST 2011 

On Fri, Aug 05, 2011 at 09:32:35AM +0200, Werner Koch wrote:
> On Fri,  5 Aug 2011 01:49, luis at debethencourt.com said:
> >
> > luisbg at atlas ~ $ gpg --card-status
> > gpg: selecting openpgp failed: Unsupported certificate
> 
> What kind of reader are you using?
> 
> > luisbg at atlas ~ $ gpg-agent --server gpg-connect-agent
> 
> Now that is a strange command.  The "gpg-connect-agent" argument is
> simply ignored.  What you do is sto start a new gpg-agent in --server
> mode, that is without it listening on a socket but connected to the tty.
> 
> You should first start gpg-agent after checking that no other one is
> running.  For testing I do it this way
> 
>   $ gpg-agent --daemon sh
> 
> This creates a new shell and if you terminate this shell (exit) the
> gpg-agent will terminate as well after a few seconds.  Then use
> 
>   $ gpg-connect-agent
>   SCD SERIALNO
>   BYE
> 
> or 
> 
>   $ gpg-connect-agent 'SCD SERIALNO' /bye
> 
> or to get all info from the card
> 
>   $ gpg-connect-agent 'scd learn --force' /bye
>

When I do it as you say I get:
gpg-connect-agent 'scd learn --force' /bye
ERR 103 unknown command

I always get that 'unknown command' error in all the variatons you explained.

But it works when I do it through gpg-agent --server.
 
> 
> My guess at your problem is that there is another gpg-agent running
> which has the scdaemon open.  The one you started under root?
> 

It looks like everytime I do gpg --card-status it spawns a new scdaemon. After
the card information you can see the following line:

scdaemon[7684]: scdaemon (GnuPG) 2.0.17 stopped

and ps doesn't show any scdaemon running after that.

> To debug this you should put these lines into scdaemon.conf
> 
> log-file /foo/bar/scd.log
> debug 2049
> debug-ccid-driver
> verbose
> 
> 
> Salam-Shalom,
> 
>    Werner
> 
> 
> -- 
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
> 

Thanks for the help,
Luis
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: </pipermail/attachments/20110805/551485ff/attachment.pgp>

More information about the Gnupg-users mailing list