Trouble with GPG Cards for SSH when using FIDO2
Philipp Schmidt
philipp at knutschmidt.de
Fri Feb 16 10:16:40 CET 2024
Hello Werner,
thanks again for your Help! I found some errors in the logs of `~/.gnupg/gpg-agend.log` which you can find in the attachments.
By accident I stumbled over a solution which maybe give some idea what might go wrong, but which is wired in nature as well:
Running `gpgconf -K all` and `systemctl restart pcscd` doesn't change anything immediately - but after a while (Minutes i guess) `ssh-add -L` then yields the keys. When that has happened I can even remove / add one/both of my keys and everything is updated accordingly.
The confusing part is that it takes time until it works again, so maybe that Information can nail down the issue a little?
Best and thanks for Help,
Philipp
> Werner Koch <wk at gnupg.org> hat am 02.02.2024 10:02 CET geschrieben:
>
>
> Hi!
>
> I would suggest that you put
>
> debug ipc
> log-file /foo/bar/agent.log
>
> into gpg-agent.conf and
>
> debug cardio
> log-file /foo/bar/scd.log
>
> into scdaemon.conf and restart them all (gpgconf -K all). You way of
> course also run watchgnupg to see a combined log but sepearte log files
> are good enough. The ssh handler has no dedicated debug statements and
> thus any debug level is sufficient to see errors in the logs. If you
> don't see anything in the logs you either need to use a socket proxt
> (somewhere in the gnupg source is one) or add debug statements to
> command-ssh.c. My guess is that the scdaemon log gives some hints.
>
>
> Shalom-Salam,
>
> Werner
>
>
> --
> The pioneers of a warless world are the youth that
> refuse military service. - A. Einstein
Philipp Schmidt (Diplom-Designer) | knutschmidt.de (http://knutschmidt.de) | philipp at knutschmidt.de | +49 176 23 43 27 79
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 475 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20240216/6797166c/attachment.sig>
More information about the Gnupg-users
mailing list