problem signing with a smart card
Tzafrir Cohen
tzafrir at cohens.org.il
Thu Jan 21 06:54:19 CET 2016
Hi,
I have a g10code PGP smart card. Recently I have not been able to sign
using the card.
I generated a test gnupg directory to test stuff on a copy of the data:
I tried using various versions of gpg1 and gpg2 (.0), and all seem to
behave similarly, though I checked gpg (1.4.20) and gpg2 (2.0.28) most
extensively.
$ gpg2 --home $PWD --list-secret-keys
/home/tzafrir/gpgtest/secring.gpg
---------------------------------
sec 4096R/19765111 2013-08-08 [expires: 2023-08-06]
uid Tzafrir Cohen <tzafrir at debian.org>
uid Tzafrir Cohen <tzafrir at cohens.org.il>
uid Tzafrir Cohen <tzafrir.cohen at xorcom.com>
ssb> 3072R/0325A0CE 2014-09-29
ssb> 3072R/AFFB7FAE 2014-09-29
ssb> 3072R/07DAF838 2014-09-29
ssb 2048R/BBB53C25 2016-01-21
gpg2 --card-status shows keys matching to those three keys.
The last subkey is one I generated for testing.
The following work as expected:
echo hi | /usr/bin/gpg --home $PWD --default-key '19765111!' --sign -a
echo hi | /usr/bin/gpg --home $PWD --default-key 'BBB53C25!' --sign -a
However:
echo hi | /usr/bin/gpg --home $PWD --default-key '0325A0CE!' --sign -a
Gives:
gpg: no default secret key: unusable secret key
gpg: signing failed: unusable secret key
If I omit the option --default-key or give there 19765111, I get a
signature by BBB53C25 (and before I created it: by the main key).
I did verify I can use the encryption key to decrypt some encrypted
files I had (this works just fine).
What more can I do to check where the problem is?
System is Debian Testing.
--
Tzafrir Cohen | tzafrir at jabber.org | VIM is
http://tzafrir.org.il | | a Mutt's
tzafrir at cohens.org.il | | best
tzafrir at debian.org | | friend
More information about the Gnupg-users
mailing list