gnupg smartcard on boot for LUKS on sid debian howto ?

tux.tsndcb at free.fr tux.tsndcb at free.fr
Tue May 20 17:28:20 CEST 2014


Hello Peter,

More informations may be help you to help me :

If I boot on rescue mode, same issue during boot phase :

- PIN code wrong (not asked on my smartcard reader, and if I write it on keyborad => wrong) but passphase OK.

After boot if I enter on "root" mode after type root password (so console mode).

If I type  the same commands :

gpg --card-status --debug-ccid-driver => I have no error, so normaly it is good, isn't it ?

and if I done :

echo scd getinfo reader_list | gpg-connect-agent --decode | awk '/^D/ {print $2}'
answer
0982:0008:000000F5:0

same good result.

If I try :

gpg --card-edit
admin
verify

PIN code is well asked on my smartcard reader and works well.

So is it possible to add a "debug mod" on your script to have more informations during boot phase ?

Thanks in advance for your help

Best Regards


----- Mail original -----
De: "tux tsndcb" <tux.tsndcb at free.fr>
À: "Peter Lebbing" <peter at digitalbrains.com>
Cc: gnupg-users at gnupg.org
Envoyé: Mardi 20 Mai 2014 16:03:58
Objet: Re: gnupg smartcard on boot for LUKS on sid debian howto ?

Hello Peter,

If I done :

gpg --card-status --debug-ccid-driver => I have no error, so normaly it is good, isn't it ?

and if I done :

echo scd getinfo reader_list | gpg-connect-agent --decode | awk '/^D/ {print $2}'
answer
0982:0008:000000F5:0

it is well my smartcard reader with my smartcard detected.

so do you have an idea with it's wrong on boot ?

Here /etc/keys files :

-rw-r--r-- 1 root root  769 mai   18 17:43 cryptkey.gpg
-rw------- 1 root root 4975 mai   18 18:05 pubring.gpg~
-rw------- 1 root root 4975 mai   18 18:05 pubring.gpg
-rw------- 1 root root 5050 mai   18 18:05 secring.gpg
-rw------- 1 root root 7807 mai   19 18:29 gpg.conf


Here my gpg.conf file :

utf8-strings
keyserver hkp://keys.gnupg.net
auto-key-locate local
verbose
default-key {YOURKEY}
require-cross-certification

Do I've missing an option in this gpg.conf file ?

Thanks in advanced for your return

Best Regard

_______________________________________________
Gnupg-users mailing list
Gnupg-users at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users



More information about the Gnupg-users mailing list