smartcard reader

Bjoern Kahl mls at
Sun Oct 23 00:16:57 CEST 2016

 Hi All,

Am 20.10.16 um 19:46 schrieb lists at
>> Are there any new options that weren't listed already?
> yubikey4
> Although I had very good experience with the SPR 532 (and a lot of trouble with another Cyberjack reader, the Comfort IIRC), the yubikey token has a better trade-off between usability and security for me.
> Mainly because its usable on mobile devices through openkeychain, but good support of 4k RSA keys is also welcome. Lack of a pin-pad is the main drawback. Tamper resistance and firmware source may be other discussion topics.

 Not sure the YubiKey4 is a good choice to start with.  I bought one
 specifically for use with GnuPG (and for its U2F support).  I had a
 lot of troubles getting my YubiKey on it.  It finally worked using a
 recent Ubuntu, but on my Macbook with MacOS "El Capitan" I am unable
 to access the keys.  I only get "card error".  Digging deeper with
 dtruss (kind of "strace") I got as far as that scdaemon gets a "pcsc:
 sharing violation".

 I /think/ it worked exactly once.  But then I played a bit with the
 PIV applet on the YubiKey (using yubico's piv-tool), and since then
 I can not get to the OpenPGP applet on the YubiKey.  Only the PIV
 works (I see my x509 certificates in there in Keychain and can used
 in Safari to authenticate to for example

 (Any hints to get PIV and OpenPGP work side-by-side are most welcome.)


 If adding the YubiKey, then there should be a warning not to never
 play with the PIV applet on it.

 Best regards


|     Bjoern Kahl   +++   Siegburg   +++    Germany     |
|     "mls at -my-domain-"   +++     |
| Languages: German, English, Ancient Latin (a bit :-)) |

More information about the Gnupg-users mailing list