SSH authentication using OpenPGP 2.0 smartcard

Patryk Cisek patryk at
Thu Jan 27 16:01:20 CET 2011

I finally got it working.

Seems like there's some kind of problem with CCID for those readers
-- I'd used internal GnuPG's CCID driver until yesterday.

I've got 2 readers:
OmniKey CardMan 3121 (USB device)
OmniKey CardMan 4040 (PCMCIA device)

Both had the same problem; signing worked fine, but authentication

Yesterday I tried to get them working with PCSC-Lite using
manufacturer's drivers:

>From this moment both readers work perfectly. One minor issue is that
for 3121 (USB) I have to kill scdaemon several times in a row when
plugging in reader. For 4040 (PCMCIA), since no hot-plug mechanism,
additionally I have to (re)start pcscd.

Nevertheless works as expected now. :)

On Tue, Jan 25, 2011 at 08:39:28PM +0100, Werner Koch wrote:
> On Tue, 25 Jan 2011 18:39, kgo at said:
> > Actually, I also needed to run 'gpgkey2ssh 0xDEADBEEF >>
> > ~/.ssh/authorized_keys" so I could ssh into the box as well.
> You should use
>   ssh-add -L
> which gives you the public key.  The comment field has the card number.
> Shalom-Salam,
>    Werner
> -- 
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at

More information about the Gnupg-users mailing list