gnupg smartcard on boot for LUKS on sid debian howto ?
Peter Lebbing
peter at digitalbrains.com
Mon May 19 20:01:38 CEST 2014
Hello,
> First good news, as I tell you during initramfs generation, I see no
> trace for /etc/key/cryptkey.gpg, but this file is obligatory OK
> because passphrase works on boot (with gpg.conf in /etc/keys) (may be
> it it's because my test is for /data/test encrypted FS and not /)
Indeed you will only get the messages when it's the root drive you want
to unlock. I haven't tested other configurations. I think it ought to
work for other volumes that are unlocked on boot.
> But I've always :
>
> gpg: pcsc_etablish_context failed: no service (0x8010001d) gpg: card
> reader not evailable
>
> may be it's problem on boot with 60-gnupg.rules file ? This file
> works fine after boot because smartcard redaer works fine.
Is your card reader supported by GnuPG's internal CCID driver or do you
need pcscd for the smartcard to work? Related question: Is pcscd usually
running?
As I said, your smartcard reader really needs to be supported by GnuPG's
internal driver, it will not work if pcscd is needed. The messages seem
to indicate that pcscd is needed.
HTH,
Peter.
--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
More information about the Gnupg-users
mailing list