gpg-agent has to be restarted after GnuPG SmartCard pulled from reader

gnupg-users.dirk at o.banes.ch gnupg-users.dirk at o.banes.ch
Fri Jan 6 22:53:42 CET 2017 

Hi all,

thank you Damien and Werner for your recent replies.
Even if the reader is performing o.k. now to my amassment.
When I used the feature to create the keys on the card I ran to some
strange and not reproducible problems.
I think this is what Werner refers to. Once I decided to create the keys
on my PC and uploaded them to the Card everything works fine.

For the time being I think the solution is to go for scd-event. This
obviously beats to tail the logs. I will try this as soon I will get to it.

However - for me it really looks like the scdaemon or gpg-agent are not
handling the existing events correctly. It might be worth looking into
it as well.
I will not rule out misconfiguration by ubuntu or myself.

Recent publications are giving up on PGP/GPG which is clearly wrong in
my humble opinion. The key questions is for all crypto -> how to
securely store your key.
Even if SmartCards and alike (Yubikey) are "old fashioned" and geek
technology I think for security they are irreplaceable.

Thanks and best regards

Dirk


On 06.01.2017 20:23, Werner Koch wrote:
> On Fri,  6 Jan 2017 14:52, dgouttegattat at incenp.org said:
>
>> For what is worth, I have two such readers, which are working
>> flawlessly with the ccid driver [1] and with 2048-bit keys. I have not
>> tried them with the internal driver.
> IIRC, I added some workarounds but eventually gave up due to too many
> problems.  Key generation always failed with Omnikey based readers and
> signature creation only works in some cases.  
>
> I have a whole bunch of those readers and they are all crap.  Well,
> except for the Cherry keyboard, it does work well in the server room
> (w/o card).
>
>> the file $GNUPGHOME/scd-event exists and is executable, it will be
>> called on every card reader status change.
> I was about to tell this, too ;-)
>
>
> Salam-Shalom,
>
>    Werner
>
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

More information about the Gnupg-users mailing list