gpg-agent unable to see yubikey until manually re-running `gpg --card-status`

NIIBE Yutaka gniibe at fsij.org
Wed Jun 17 10:55:02 CEST 2015


Hello,

On 06/17/2015 07:41 AM, Lance R. Vick wrote:
> Every time I insert my yubikey into a system I must do 'gpg
> --card-status' to make gpg-agent aware it exists again.

Please pardon my ignorance, I don't have Yubikey at hand.

Is the following common use cases of Yubikey?

> Using: gpg/gpg-agent 2.1.4
> 
> Expected Results:
> 
> 1. Insert yubikey
> 2. Issue version command to gpg agent
> 3. Version is reported
> 4. Remove and re-insert key
> 5. Issue version command to gpg agent
> 6. version is reported

And... is the following to get version of Yubikey?

> [lrvick at tsar ~]$ gpg-connect-agent --hex "scd apdu 00 f1 00 00" /bye
> D[0000]  01 00 08 90 00                                     .....           
> OK

Yes, it only works after gpg --card-status or something.

In the current implementation, gpg-agent invokes scdaemon on demand.
(gpg-agent doesn't detect insertion of device or card.)

I don't understand from where "scd apdu 00 f1 00 00" came.

Could you please share the reason why you consider it works well?
-- 



More information about the Gnupg-users mailing list