Multiple Yubikeys/Smartcards and Thunderbird email client

Brandon Anderson at
Sun Jul 18 23:40:55 CEST 2021

>>> On 15 Jul 2021, at 12:54, john doe via Gnupg-users 
>>> <gnupg-users at> wrote:
>>> Is this still relevent with the built-in gpg stuff of TB?
>> Very much so. Thunderbird’s native Open PGP support is quite basic, 
>> and anything to do with smartcards still has to be delegated to an 
>> external gnupg process.
>> A
> Another weird behavior I am just now noticing, and maybe it is 
> related. When I insert the Yubikey that Thunderbird wants, and type 
> into the terminal `gpg --card-status`, it outputs as expected. The 
> same thing occurs if I insert my GPG smartcard v2.1. However, my 
> primary Yubikey 5 Nano, which is usually on my desktop and the one I 
> want Thunderbird to play nice with when inserted and `gpg 
> --card-status` is run outputs:
> ➜  yubikeyLockPassword gpg --card-status
> gpg: selecting card failed: End of file
> gpg: OpenPGP card not available: End of file
> The first time and then when you rerun `gpg --card-status`, it outputs 
> the proper and expected result every time. However, this is repeatable 
> as every time I remove and reinsert this particular Yubikey, the first 
> card-status call falls, all later ones succeed. I wonder if this odd 
> behavior is what's causing Thunderbird to ignore this one Yubikey.
> Sincerely,
> Brandon Anderson

So, following up on this email, I went to sign some git commits, and the 
same issue that I reported happening on thunderbird happened with my git 
commits. The issue is similar to what is reported here three years ago 
where only the most recent signature key is attempted even if the system 
has a smartcard or private key to an alternative valid signing key. I 
have deleted the subkeys for the non-primary smartcards on my desktop 
and while it works is less than the desired solution, as I can not 
insert other smartcards for signing and may want to verify in gpg those 
subkeys signatures. Any insight would be greatly appreciated.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x255837AEF812E87E.asc
Type: application/pgp-keys
Size: 15950 bytes
Desc: OpenPGP public key
URL: <>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 228 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Gnupg-users mailing list