On Sun, Apr 16, 2017 at 07:44:27PM +0300, Pavel Korovin wrote:
> On 04/11, Edd Barrett wrote:
> >
> > Can you try killing any running gpg-agents and running a new one with
> > debug logging enabled, like this:
> >
> > $ gpg-agent --daemon --log-file /tmp/log --debug-level advanced
> >
> > Then try to use your yubikey. Is there any useful debug info in the log
> > file?
>
> Edd, do you use gnupg-2.1.20 port with Yubikey?
>
> I have the same issue as described here:
> https://dev.gnupg.org/T2933
>
> gpg --card-status doesn't work with my original settings:
>
> 2017-04-10 12:47:20 scdaemon[64625] listening on socket
> '/home/p/.config/gnupg/S.scdaemon'
> 2017-04-10 12:47:20 scdaemon[64625] handler for fd -1 started
> 2017-04-10 12:47:20 scdaemon[64625] DBG: chan_5 -> OK GNU Privacy
> Guard's Smartcard server ready
> 2017-04-10 12:47:20 scdaemon[64625] DBG: chan_5 <- GETINFO socket_name
> 2017-04-10 12:47:20 scdaemon[64625] DBG: chan_5 -> D
> /home/p/.config/gnupg/S.scdaemon
> 2017-04-10 12:47:20 scdaemon[64625] DBG: chan_5 -> OK
> 2017-04-10 12:47:20 scdaemon[64625] DBG: chan_5 <- OPTION
> event-signal=31
> 2017-04-10 12:47:20 scdaemon[64625] DBG: chan_5 -> OK
> 2017-04-10 12:47:20 scdaemon[64625] DBG: chan_5 <- GETINFO version
> 2017-04-10 12:47:20 scdaemon[64625] DBG: chan_5 -> D 2.1.20
> 2017-04-10 12:47:20 scdaemon[64625] DBG: chan_5 -> OK
> 2017-04-10 12:47:20 scdaemon[64625] DBG: chan_5 <- SERIALNO openpgp
> 2017-04-10 12:47:20 scdaemon[64625] DBG: apdu_open_reader: BAI=302
> 2017-04-10 12:47:20 scdaemon[64625] DBG: apdu_open_reader: new
> device=302
>
> And nothing else. gpg just hangs until I interrupt it with Control-C.
>
> I tried to set "disable-ccid" option, after that scdaemon fails early:
>
> $ gpg --card-status
> gpg: selecting openpgp failed: Operation not supported by device
>
> gpg: OpenPGP card not available: Operation not supported by device
>
> scdaemon.log:
>
> 2017-04-10 12:53:32 scdaemon[55296] handler for fd -1 started
> 2017-04-10 12:53:32 scdaemon[55296] DBG: chan_5 -> OK GNU Privacy
> Guard's Smartcard server ready
> 2017-04-10 12:53:32 scdaemon[55296] DBG: chan_5 <- GETINFO socket_name
> 2017-04-10 12:53:32 scdaemon[55296] DBG: chan_5 -> D
> /home/p/.config/gnupg/S.scdaemon
> 2017-04-10 12:53:32 scdaemon[55296] DBG: chan_5 -> OK
> 2017-04-10 12:53:32 scdaemon[55296] DBG: chan_5 <- OPTION
> event-signal=31
> 2017-04-10 12:53:32 scdaemon[55296] DBG: chan_5 -> OK
> 2017-04-10 12:53:32 scdaemon[55296] DBG: chan_5 <- GETINFO version
> 2017-04-10 12:53:32 scdaemon[55296] DBG: chan_5 -> D 2.1.20
> 2017-04-10 12:53:32 scdaemon[55296] DBG: chan_5 -> OK
> 2017-04-10 12:53:32 scdaemon[55296] DBG: chan_5 <- SERIALNO openpgp
> 2017-04-10 12:53:32 scdaemon[55296] DBG: enter: apdu_open_reader:
> portstr=(null)
> 2017-04-10 12:53:32 scdaemon[55296] pcsc_establish_context failed: no
> service (0x8010001d)
> 2017-04-10 12:53:32 scdaemon[55296] DBG: leave: apdu_open_reader =>
> slot=-1 [pc/sc]
> 2017-04-10 12:53:32 scdaemon[55296] DBG: chan_5 -> ERR 100696144
> Operation not supported by device <SCD>
>
> --
> With best regards,
> Pavel Korovin
>
FWIW it works fine for me:
Yubikey 4:
λ gpg2 --card-status
Reader ...........: Yubico Yubikey 4 OTP CCID 00 00
Yubikey Neo:
λ gpg2 --card-status
Reader ...........: Yubico Yubikey NEO OTP CCID 00 00
I am using security/pcsc-lite and security/ccid.
--
PGP: 0x1F81112D62A9ADCE / 3586 3350 BFEA C101 DB1A 4AF0 1F81 112D 62A9 ADCE
