Trouble with GPG Cards for SSH when using FIDO2
Philipp Schmidt
philipp at knutschmidt.de
Mon Jan 15 09:25:01 CET 2024
Hello Everybody,
since some update, about 2 Month ago, I started to run into trouble using my both yubi Keys. To be precise: I have setup gpg such that the ssh auth Agent can access the keys. That worked for a long time. For example: `ssh-add -L` always displayed both public keys.
As mentioned before, now I am running into trouble, but not right from the start. As far as I could observe that, it happens always after I used one of the keys for a FIDO2 Authentification. After that `ssh-add -L` doesn't display any more keys and `gpg --card-status` says:
```
gpg: selecting card failed: No such device
gpg: OpenPGP card not available: No such device
```
event though the keys are inserted. In such a case, the only thing that helps is a reboot.
I really would like to provide more details, but I really do not know where to start.
Basiline:
- Everything works fine until I use one of the keys for FIDO2
- Afterwards I cannot restore the service without a reboot
I am running Arch Linux with a new Kernel and GPG version 2.4.3
Thanks in ahead for any help!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20240115/321b2299/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: public.asc
Type: application/pgp-keys
Size: 1753 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20240115/321b2299/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 475 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20240115/321b2299/attachment.sig>
More information about the Gnupg-users
mailing list