Forwarding scdaemon over SSH - is it possible?

Michael Fladischer michael at
Thu Jun 9 13:09:49 CEST 2016


some months ago I bought a Yubikey Neo 4 to store my private key on. It
works perfect with GnuPG on my local Laptop.

Now I would like to sign some files with my key on a remote server
(build machine). I'm logged in there over SSH and I tried forwarding the
unix domain socket from scdaemon over the relatively new
SSH-unix-domain-socket-forwaring feature like this:

ssh -R ~/.gnupg/S.scdaemon:~/.gnupg/S.scdaemon

So far this works as it creates a socket on the server at
~/.gnupg/S.scdaemon. If I now try to test it this happens:

$ gpg2 --card-status
gpg: error getting version from 'scdaemon': No SmartCard daemon
gpg: OpenPGP card not available: No SmartCard daemon

It seems that just forwarding the socket is not enough and gpg2 wants an
actually running scdaemon o the server.

Does anyone have an idea how i could trick gpg2 into using my socket to
talk to my local scdaemon?

Michael Fladischer

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20160609/3f9745ec/attachment.sig>

More information about the Gnupg-users mailing list