Omnikey 3821 with OpenPGP Card and Pin Pad Entry
Tristan Santore
tristan.santore at internexusconnect.net
Thu Oct 24 07:48:14 CEST 2013
Dear All,
I have finally had time to play with the Omnikey 3821 and my OpenPGP
cards. Yesterday, I somehow managed to get the Omnikey reader to accept
pinpad entries. I suspect it was the enable-pinpad-varlen option in
~/.gnupg/scdaemon.conf, which did this. This worked for setting the
password on card, but would not accept the password for an Auth Key I
generated, that is expert mode then deselect (E) and (S) to leave the
(A)uthentication bit.
When I now set the enable-pinpad-varlen I keep getting:
debug1: Offering RSA public key: cardno:00050XXXXXXXX
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 535
debug2: input_userauth_pk_ok: fp
da:c6:79:b0:59:46:ba:15:e2:9c:ea:4b:a7:50:fa:75
debug3: sign_and_send_pubkey: RSA
da:c6:79:b0:59:46:ba:15:e2:9c:ea:4b:a7:50:fa:75
Agent admitted failure to sign using the key.
debug1: Trying private key: /home/blah.....
Also, when I try gpg2 --card-edit, pinentry does not ask me to enter the
pin, with the pinpad showing the request on the Omnikey's LCD screen.
When I remove the enable-pinpad-varlen option from
~/gnupg/scdaemon.conf, pinpad-gtk pops up and asks me to enter the password.
Is there something I missed ? It worked fine yesterday, minus the Auth
pin issue. I was hoping to finally get there with the setup and be able
to use the pinpad for pin entries.
Any insights of you all, would be most appreciated.
If I can provide you with any further output, which might help, let me
know how and what you need, and I will be most happy to oblige.
Thank you in advance.
Regards,
Tristan
--
Tristan Santore BSc MBCS
TS4523-RIPE
Network and Infrastructure Operations
InterNexusConnect
Mobile +44-78-55069812
Tristan.Santore at internexusconnect.net
Former Thawte Notary
(Please note: Thawte has closed its WoT programme down,
and I am therefore no longer able to accredit trust)
For Fedora related issues, please email me at:
TSantore at fedoraproject.org
More information about the Gnupg-users
mailing list