OpenPGP card v2.1 and Cherry ST-2000U - Only 1024-bit keys are possible

Guan Xin guanx.bac at
Thu Sep 10 16:23:18 CEST 2015


I'm new to gpg. Just got a Cherry ST-2000U and OpenPGP card v2.1.
I can generate 1024-bit keys with the "generate" command of gpg2.
However, generation of 2048 or 4096-bit keys never succeed. The errors are:
... ... (snip)
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
scdaemon[10116]: generating new key
scdaemon[10116]: 3 Admin PIN attempts remaining before card is
permanently locked
scdaemon[10116]: DBG: prompting for pinpad entry '|A|Please enter the Admin PIN'
scdaemon[10116]: please wait while key is being generated ...
scdaemon[10116]: ccid_transceive failed: (0x1000a)
scdaemon[10116]: apdu_send_simple(0) failed: card I/O error
scdaemon[10116]: generating key failed
gpg: key generation failed: Card error
Key generation failed: Card error

Software versions:
gpg (GnuPG) 2.0.29
libgcrypt 1.5.3

Any help/hint is appreciated. Thanks in advance!


More information about the Gnupg-users mailing list