Gnupg-users Digest, Vol 225, Issue 8

Rhett rhettbohling at gmail.com
Sun Jun 26 03:58:22 CEST 2022 

Help
Unsubscribe

On Fri, Jun 24, 2022 at 6:21 PM <gnupg-users-request at gnupg.org> wrote:

> Send Gnupg-users mailing list submissions to
>         gnupg-users at gnupg.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         https://lists.gnupg.org/mailman/listinfo/gnupg-users
> or, via email, send a message with subject or body 'help' to
>         gnupg-users-request at gnupg.org
>
> You can reach the person managing the list at
>         gnupg-users-owner at gnupg.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Gnupg-users digest..."
>
>
> Today's Topics:
>
>    1. Re: loopback issue signing git commits (?ngel)
>    2. gpa.exe hungs when click on "smartcards" AND scdaemon cannot
>       recognise SC-HSM (Minas Argyrou)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Fri, 24 Jun 2022 02:02:47 +0200
> From: ?ngel <angel at pgp.16bits.net>
> To: gnupg-users at gnupg.org
> Subject: Re: loopback issue signing git commits
> Message-ID:
>         <b87255e7a26e9e345f464583965e7bf840dc5f1c.camel at 16bits.net>
> Content-Type: text/plain; charset="ISO-8859-15"
>
> On 2022-06-18 at 02:14 +0200, GH wrote:
> > Hi,
> >
> > I use gnupg in a remote server, I connect to via ssh
> >
> > I config gnupg as loopback, it ask me my gpg passwd in the command
> > line or in my emacs minibuffer when I use magit
> >
> > but when I commit in git, I sign my commits, but gpg ask me the
> > passwd
> > with GUI pinentry (in the remote server)
> >
> > In remote ssh connection I cant insert that password
> >
> > please, help
>
> What's the full gpg command line being run by git? I suspect it may be
> overriding some setting.
> Rather than using loopback to read it, I think it might be more
> apprpopriate to configure it to use pinentry-curses
>
> Regards
>
>
>
>
> ------------------------------
>
> Message: 2
> Date: Fri, 24 Jun 2022 20:47:55 +0000
> From: Minas Argyrou <minasargyrou at outlook.com>
> To: "gnupg-users at gnupg.org" <gnupg-users at gnupg.org>
> Cc: Minas Argyrou <minasargyrou at outlook.com>
> Subject: gpa.exe hungs when click on "smartcards" AND scdaemon cannot
>         recognise SC-HSM
> Message-ID:
>         <
> AM6PR06MB443824203DCEC58FA7BBA26FC1B49 at AM6PR06MB4438.eurprd06.prod.outlook.com
> >
>
> Content-Type: text/plain; charset="utf-8"
>
> I am tring it get GnuPG to work with my SmartCard-HSM 4K on Windows, using
> the
> GP4Win bundle.
>
> Kleopatra doesn't recognise the SC-HSM 4K at all, even though, it DOES
> recognise the YubiKey 5 NFC in BOTH PIV and Openpgp Card apps.
>
> When trying to use the GPA.exe alternative, it just freezes when I click
> on
> the "smartcards" button; not sure if it's related.
>
> Trying to debug this, using CMD:
>
>     scdaemon --server
>     serialno
>
> I get the following result:
>
>
> > scdaemon[xxxxx]: detected reader 'ACS ACR38U 0' scdaemon[xxxxx]:
> > reader slot 0: not connected scdaemon[xxxxx]: pcsc_control failed:
> > invalid PC/SC error code (0x1) scdaemon[xxxxx]:
> > pcsc_vendor_specific_init: GET_FEATURE_REQUEST failed: 65547
> > scdaemon[xxxxx]: reader slot 0: active protocol: T1 scdaemon[xxxxx]:
> > slot 0: ATR=3bde18ff8191fe1fxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> > scdaemon[xxxxx]: error parsing PrKDF record: Invalid object
> > scdaemon[xxxxx]: no supported card application found: Invalid object S
> > PINCACHE_PUT 0// ERR 100696144 No such device <SCD>
>
> Below I am including my configuration files.
>
> scdaemon.conf
>
>
>
>     ###+++--- GPGConf ---+++###
>     verbose
>     verbose
>     verbose
>     verbose
>     verbose
>     verbose
>     verbose
>     verbose
>     verbose
>     disable-ccid
>     ###+++--- GPGConf ---+++### 09/06/y22 23:29:33 GTB Daylight Time
>     # GPGConf edited this configuration file.
>     # It will disable options before this marked block, but it will
>     # never change anything below these lines.
>
>     #pcsc-shared
>
> I have tried all possible combinations with `disable-ccid` and
> `pcsc-shared`
> and nothing works.
>
>
> gpgagent.conf
>
>
>     ###+++--- GPGConf ---+++###
>     enable-extended-key-format
>     ignore-cache-for-signing
>     no-allow-external-cache
>     no-allow-loopback-pinentry
>     grab
>     pinentry-timeout 10
>     verbose
>     verbose
>     verbose
>     verbose
>     verbose
>     verbose
>     verbose
>     verbose
>     verbose
>     ssh-fingerprint-digest SHA384
>     ###+++--- GPGConf ---+++### 18/04/y22 07:30:51 GTB Daylight Time
>     # GPGConf edited this configuration file.
>     # It will disable options before this marked block, but it will
>     # never change anything below these lines.
>
>     enable-putty-support
>     enable-ssh-support
>     use-standard-socket
>     default-cache-ttl 600
>     max-cache-ttl 7200
>
> gpgsm.conf
>
>
>     ###+++--- GPGConf ---+++###
>     auto-issuer-key-retrieve
>     enable-crl-checks
>     enable-ocsp
>     verbose
>     verbose
>     verbose
>     verbose
>     verbose
>     verbose
>     verbose
>     verbose
>     verbose
>     include-certs -1
>     cipher-algo AES256
>     ###+++--- GPGConf ---+++### 01/04/y22 19:10:26 GTB Daylight Time
>     # GPGConf edited this configuration file.
>     # It will disable options before this marked block, but it will
>     # never change anything below these lines.
>
> I was never able to get the SC-HSM to work with GnuPG, even though it is
> supposedly supported. This is the current time I am trying to figure it
> out.
> This time, I haven't played with anything else than scdaemon.conf, but, as
> far
> as I can tell, the SC-HSM didn't work even with the defaults on a fresh
> install.
>
> The card otherwise works nicely with everything else. Any help would be
> greatly appreciated!
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220624/30971d48/attachment.html
> >
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: smime.p7s
> Type: application/pkcs7-signature
> Size: 6027 bytes
> Desc: not available
> URL: <
> https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220624/30971d48/attachment.bin
> >
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> https://lists.gnupg.org/mailman/listinfo/gnupg-users
>
>
> ------------------------------
>
> End of Gnupg-users Digest, Vol 225, Issue 8
> *******************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220625/d51b8fb8/attachment.html>

More information about the Gnupg-users mailing list