Clearing cached PIN for Yubikey
gniibe at fsij.org
Thu Aug 6 07:10:55 CEST 2020
ಚಿರಾಗ್ ನಟರಾಜ್ wrote:
> I was attempting to figure out what the 'canonical' way of clearing a
> Yubikey's cached PIN is.
Clearing the authentication status is supported in scdaemon (in the
lower level), but there is no good way by command line.
If you don't care about using a kind of develper's tool
(gpg-connect-agent), you can do following.
For signing, type:
$ gpg-connect-agent "SCD PASSWD --clear 1" /bye
For decryption/authentication, type:
$ gpg-connect-agent "SCD PASSWD --clear 2" /bye
Perhaps, using a tool for users would be more relevant. Then,
$ gpgconf --kill scdaemon
could be used to clear all authentication status.
More information about the Gnupg-users