Some questions about working with different versions of GnuPG and the fsfe's card on subkeys doc [UPDATED]]
stebe at mailbox.org
stebe at mailbox.org
Mon Feb 15 14:19:27 CET 2016
stebe at mailbox.org:
Hi,
I (re)post this message as the Nitrokey support website informs that
users can ask on this list for getting support. If I am wrong and/or
this is not the appropriate list, please let me know.
-------- Weitergeleitete Nachricht --------
Betreff: Re: Some questions about working with different versions of
GnuPG and the fsfe's card on subkeys doc [UPDATED]]
Datum: Fri, 12 Feb 2016 16:44:31 +0100 (CET)
Von: stebe at mailbox.org
An: gnupg-users at gnupg.org
(UPDATED]
> stebe at mailbox.org hat am 12. Februar 2016 um 11:43 geschrieben:
>
>
> Hi,
>
>
> just a few more questions on key generation and the fsfe doc (1)
>
> Following the indications in the referred document I have used a LIVE OS
> for all the steps indicated in it (up to now), and GnuPG version 2.1.9.
>
> I understand that the sections starting with "Removing the master key
> from
> the keyring" up to "Remove backups from your machine" have to be
> performed
> on the machine/OS I actually use to work/communicate with gpg/Enigmail
> (GnuPG version 2.0.19).
[...]
I have problems getting GnuPG v.2.0.19 to work with the Nitrokey Pro USB
Smart Card (reader is integrated into device). After importing the
pubkey and connecting the Smart Card I performed these steps:
#Gnome Keyring already being disabled, being installed the following
packages: opensc, pcscd, libccid, Nitrokey udev rules installed, having
performed a udevd stop and restart, and added required strings to
/etc/libccid_Info.plist :
#checking if Smart Card is connected
lsusb
[...]
Bus 00x Device 00y: ID 20a0:4108 Clay Logic
#firing up gpg.agent to be able to enter Admin PIN of Smart Card with
pinentry (enabling ssh-support at the same time and writing info to file)
gpg-agent --daemon --enable-ssh-support --write-env-file
"${HOME}/.gpg-agent-info"
GPG_AGENT_INFO=/tmp/gpg-vZhcne/S.gpg-agent:3187:1; export GPG_AGENT_INFO;
SSH_AUTH_SOCK=/tmp/gpg-I4JNzi/S.gpg-agent.ssh; export SSH_AUTH_SOCK;
SSH_AGENT_PID=3187; export SSH_AGENT_PID;
# checking if gpg2 can connect to Nitrokey Pro USB Smart Card
gpg2 --card-status
gpg-agent[3197]: can't connect to the SCdaemon: IPC "connect" failed
gpg: OpenPGP card not available: no card daemon
#checking it further
$ opensc-tool -l
No smart card readers found
#(I only have this one and only Smart Card, so no error due to multiple
#readers/cards possible)
opensc-explorer
OpenSC Explorer version 0.12.2
No smart card readers found
#for making sure that gnome-keyring is really dead
$ pkill -f gnome-keyring-daemon
gpg2 --card-status
gpg-agent[3488]: can't connect to the SCdaemon: IPC "connect" failed
gpg: OpenPGP card not available: no card daemon
[...]
I checked the Nitrokey support docs, their FAQ, in addition to (1) and
(2) the gpg manpages and the gnupg info manual. Is there anyone that
has/had similar problems? What else can I check for troubleshooting?
In fact, the device is being recognized using gpg but I'd like to use it
with gpg2.
--> follow the remaining steps indicated in the referred FSFE's
card-howTo-doc (1)
Any objections, hints welcome.
Stebe
(1) https://wiki.fsfe.org/Card_howtos/Card_with_subkeys_using_backups
(2) https://github.com/OpenSC/OpenSC/wiki/OpenPGP-card
_______________________________________________
Gnupg-users mailing list
Gnupg-users at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
More information about the Gnupg-users
mailing list