Possible bug when using smartcards and gpg-agent2.0 as the ssh-agent
Víctor Cuadrado Juan
me at viccuad.me
Wed Aug 12 20:55:10 CEST 2015
I'm using gpg-agent 2.0.28 (Debian Stretch) as the ssh agent, with
I have disabled the Gnome Keyring, and I'm only using gpg-agent. I have
a properly configured Yubikey Neo with an auth subkey, and the Yubikey
is correctly configured and in use. I have a clean ~/.gnupg/sshcontrol
file, and no ~/.ssh directory at all.
At first instance everything works fine, 'ssh-add -l' and 'ssh-add -L'
show my key when I have my Yubikey connected: (I'm redacting the key and
the card number)
$ ssh-add -l
Yet when I try to use it to connect to the server by ssh I get a GUI
popup that says:
"take out the current card and insert the one with the serial number:
(In my case, in spanish, "Retire tarjeta actual e inserte la que
tiene número de serie: ")
The serial number on ssh-add -L is the same "card-no" that appears next
to the auth subkey in gpg --card-status, which is 12 chars long.
The gpg-agent pop-up serial numbers seems to correspond to the
"Application ID" displayed in gpg --card-status, which is 32 chars long.
This seems like a bug. Am I missing something? Should I post this on
Thanks in advance,
E-Mail: <me at viccuad.me>, OpenPGP-Key-ID: 0xA2591E231E251F36
Key fingerprint: E3C5 114C 0C5B 4C49 BA03 0991 A259 1E23 1E25 1F36
My signed E-Mails are trustworthy.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 455 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users