gnupg smartcard on boot for LUKS on sid debian howto ?

Peter Lebbing peter at digitalbrains.com
Wed May 21 20:58:10 CEST 2014


On 21/05/14 15:24, tux.tsndcb at free.fr wrote:
> Could you tel me what reader you use ?

I'm sorry that I currently don't have the time to help you properly.

I used an SCM SCR3310 while "developing" the scripts, but on my main PC (which I
did not use), I use an SCM SPR532.

Yesterday, I suddenly realised that your problem might be related to the fact
you have a pinpad. The script uses cryptsetup's askpass program to pass a PIN or
passphrase to gpg on stdin; perhaps it goes wrong because this is combined with
input from a pinpad, which would be an odd way to call gpg.

The scripts are pretty simple bash scripts; you could adapt them or try the
invocations done in the script from a root terminal and see what they do.

Oh, which reminds me. At least on Jessie, the askpass program disables echoing
and never re-enables it, so you can't see what you are typing after calling it.
(Blindly) type "reset" and press enter to reset your terminal settings, which
re-enables character echoing. I suppose it's a bug and should be reported.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>



More information about the Gnupg-users mailing list