smart card under linux

[Tristan Santore]

On 20/10/14 23:36, Philip Jackson wrote:
> After a couple of weeks away from the smartcard issue, I've tried again from
> scratch.  Under Windows7 using GpG4win 2.2.2 with an SCM3512 reader, SCM's
> drivers and G10's openpgp v2 card, gpg --card-status provides the following output :
>
> Application ID ...: D2760001240102000005000028700000
> Version ..........: 2.0
> Manufacturer .....: ZeitControl
> Serial number ....: 00002870
> Name of cardholder: [not set]
> Language prefs ...: [not set]
> Sex ..............: unspecified
> URL of public key : [not set]
> Login data .......: [not set]
> Signature PIN ....: forced
> Key attributes ...: 2048R 2048R 2048R
> Max. PIN lengths .: 0 0 0
> PIN retry counter : 0 0 0
> Signature counter : 0
> Signature key ....: [none]
> Encryption key....: [none]
> Authentication key: [none]
> General key info..: [none]
>
> This looks promising but I didn't take it any further because I want to get it
> going under my UbuntuStudio 1404 linux. Using gnupg2 2.0.26.
>
> Trying to use the GnuPG driver to access CCID cards, "gpg2 --card-status" yields
> the following output :
>
> gpg: selecting openpgp failed: Card error
> gpg: OpenPGP card not available: Card error
>
>
> I've followed, I believe, all the instructions in the gnupg.com smartcard howto.
>  In para 2.3.1 CCID : I've tried both the instructions under 'with udev
> (preferred installation)' and further down 'with hotplug (deprecated in modern
> systems)'
>
> In the /etc/udev/rules.d/ directory there is a README which says that symbolic
> links should not be used in Ubuntu (unlike Debian) so I placed a copy of
> gnupg-ccid.rules directly in that directory.  But that didn't help.
>
> lsusb shows that the SCM card reader is recognised and present but gpg doesn't
> seem to be able to make contact.
>
> I'd appreciate any ideas for what to try next.
>
> Philip
>
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
> Philip,

Further, to the previous question, which distribution are you currently
using ? There is a locking issue in Fedora with pcscd. I have not had
time to dig deeper yet, but libvirt and some other binaries appear to be
blocking the card.

Temporary fix is to add a sudo line to restart pcscd or to disable the
affected binaries, which might not be desirable.

I will be looking into this further soon, just have some other work and
also travel for work approaching, so I have not had much time yet.

Regards,

Tristan

-- 

Tristan Santore BSc MBCS
TS4523-RIPE
Network and Infrastructure Operations
InterNexusConnect
Mobile +44-78-55069812
Tristan.Santore at internexusconnect.net

Former Thawte Notary
(Please note: Thawte has closed its WoT programme down,
and I am therefore no longer able to accredit trust)

For Fedora related issues, please email me at:
TSantore at fedoraproject.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20141021/2c013f02/attachment.html>