gpg-agent: error accessing card: Conflicting use
Jan-Philipp Litza
janphilipp at litza.de
Sat Oct 24 14:56:10 CEST 2015
Hi everybody,
I'm having the same problem and found the following steps to reproduce:
0. Configure your Yubikey NEO to eject the card on button press:
ykneomgr -M81
Re-plug it afterwards!
1. Insert the Yubikey and press button to insert the (virtual) card
2. Use the authentication key stored on the card to log in to a SSH host
3. Press button to remove the (virtual) card
(or wait if you have a timeout for auto-eject configured)
4. Press button to insert the (virtual) card again
5. Do anything that requires the card (e.g. gpg -d)
gpg: public key decryption failed: Conflicting use
Instead of having the SSH session still open, it suffices to have a
persistent connection (ControlPersist ssh config option). Apparently,
even an authenticated SSH session somehow still uses the agent (even
without agent forwarding configured), and if the card was removed and
re-inserted, this somehow blocks its usage.
So instead of restarting the gpg-agent, you can also kill all open ssh
sessions.
Best regards,
Jan-Philipp Litza
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20151024/6c49b218/attachment.sig>
More information about the Gnupg-users
mailing list