Fix for smartcards on some newer linux distros

Grant Olson kgo at
Sun Mar 10 01:10:20 CET 2013

I found a few threads going back at least a year where people where
having trouble getting smartcards running with gpg2 on newer linux
distros.  Users would see this error when querying the card-status:

    gpg: selecting openpgp failed: Unsupported certificate
    gpg: OpenPGP card not available: Unsupported certificate

I just ran into the error and spent a few days banging my head against
the wall. But I got things working and thought I'd report here for
the sake of the interwebz.

## Hack fix - disable gnome-keyring-daemon

Just move gnome-keyring-daemon so it doesn't load:

    sudo mv /usr/bin/gnome-keyring-daemon

## Better fix - enable-ssh-support

After I had things running I setup gpg-agent to act as my ssh agent as
well.  Then I went to write a blog post and couldn't reproduce the
problem to copy-and-past the output.  Sure enough, after disabling ssh
support in gpg-agent, the problem resurfaced.

So that's a better fix that lets gnome-keyring-daemon run.

I'm guessing that once you enable ssh support, gpg-agent grabs access
to the smart card before the gnome-keyring-daemon.

I wrote up a more detailed blog post here:

Hope this helps some other unfortunate souls.


P.S.  Wonder if we can get a better error message since this really
has nothing to do with unsupported certificates.

More information about the Gnupg-users mailing list