gnome-keyring problem section in the wiki (Re: gnupg privicy assistant - card manager.)
On Monday 01 September 2014 at 08:37:45, Werner Koch wrote: > On Sun, 31 Aug 2014 16:00, paul.le...@quadensemble.com said: > > I'd like to use the card manager function, but whenever I invoke it the > > application returns the error "Error accessing the card", and the > > status bar reports "Checking for card .. " > > I have actually thank you for raising this issue: > > gnome-keyring-daemon[5531]: unrecognized command: SCD > > The problem is that the gnome-keyring-dameon hijacks the inter process > communication (IPC) between gpg and gpg-agent. It implements a very > limited set of commands of gpg-agent but nothing more. Recent versions > of GnuPG detect this and show a warning message or pop-up to tell you > just this. Because I ran into the issue analysing why an gpgsm installation on Ubuntu did not work, I think this warrants a section in the wiki: http://wiki.gnupg.org/PlatformNotes If would be nice if you (all) could help me and GnuPG and look up the problem reports within Ubuntu or Gnome and linke them from there. > Depending on the version of gnome-keyring-daemon, it is possible to > disable the gpg-agent hijacking component. Unfortunately it is hard to > convince the maintainer to disable this mis-features. > > > Otherwise if I run gpg --card-status with a card in the USB card reader > > I get the following: > > You are using gpg 1.4.x which can directly talk to the card. However, > latest card features are not supported by 1.4 but only by GnuPG 2.x. > > See the mail thread starting with this mail for details: > > http://lists.gnupg.org/pipermail/gnupg-devel/2014-August/028689.html > > > I presume, the system is misconfigured is some way. Any one got any > > suggestions? > > You may want to bring this to the attention of your Linux distribution. > The solution could be easy: The gpg-agent component needs to be disabled > when build gnome-keyring-daemon: > > ./configure --disable-gpg-agent > > > Shalom-Salam, > >Werner -- www.intevation.de/~bernhard (CEO)www.fsfe.org (Founding GA Member) Intevation GmbH, Osnabrück, Germany; Amtsgericht Osnabrück, HRB 18998 Owned and run by Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gnupg privicy assistant - card manager.
On Mon, 1 Sep 2014 12:28, paul.le...@quadensemble.com said: > I would be interested in how to accomplish this. If you can point me to > a thread or reference in the gnupg manual, that would be appreciated. Simon Josefsson posted this at gnupg-devel: mkdir ~/.config/autostart/ cp /etc/xdg/autostart/gnome-keyring-gpg.desktop ~/.config/autostart/ echo 'Hidden=true' >> ~/.config/autostart/gnome-keyring-gpg.desktop As far as I know, there is no GUI to do this in modern GNOME. It used to be possible through gnome-session-properties, but there is no way to do the same with gnome-tweak-tool. > So Gnome breaks gnupg-agent and they will not fix it? Seems so. >> ./configure --disable-gpg-agent > > I prefer the gpg-agent UI. Anyway, Seahorse doesn't seem to know about > smart cards so the whole reason I posted, to see my smart card in the > card display of gpa is defeated if I disable gpg-agent. The configure above was for gnome-keyring-daemon. It disables the so-called gpg support over there and makes gpg-agent work. However, it is easier to use Simon's way as shown above. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gnupg privicy assistant - card manager.
On 01/09/14 07:37:45, Werner Koch wrote: > On Sun, 31 Aug 2014 16:00, paul.le...@quadensemble.com said: > > > I'd like to use the card manager function, but whenever I invoke it > > the application returns the error "Error accessing the card", and > > the status bar reports "Checking for card .. " > > I have actually thank you for raising this issue: > My pleasure. > The problem is that the gnome-keyring-dameon hijacks the inter > process communication (IPC) between gpg and gpg-agent. It > implements a very limited set of commands of gpg-agent but nothing > more. Recent versions of GnuPG detect this and show a warning > message or pop-up to tell you just this. > > Depending on the version of gnome-keyring-daemon, it is possible to > disable the gpg-agent hijacking component. I would be interested in how to accomplish this. If you can point me to a thread or reference in the gnupg manual, that would be appreciated. > Unfortunately it is hard > to convince the maintainer to disable this mis-features. > So Gnome breaks gnupg-agent and they will not fix it? > See the mail thread starting with this mail for details: > > http://lists.gnupg.org/pipermail/gnupg-devel/2014-August/028689.html > > > I presume, the system is misconfigured is some way. Any one got any > > suggestions? > > You may want to bring this to the attention of your Linux > distribution. The solution could be easy: The gpg-agent component > needs to be disabled when build gnome-keyring-daemon: > > ./configure --disable-gpg-agent I prefer the gpg-agent UI. Anyway, Seahorse doesn't seem to know about smart cards so the whole reason I posted, to see my smart card in the card display of gpa is defeated if I disable gpg-agent. Unless I have the wrong end of the stick? Regards ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gnupg privicy assistant - card manager.
On Sun, 31 Aug 2014 16:00, paul.le...@quadensemble.com said: > I'd like to use the card manager function, but whenever I invoke it the > application returns the error "Error accessing the card", and the > status bar reports "Checking for card .. " I have actually thank you for raising this issue: > gnome-keyring-daemon[5531]: unrecognized command: SCD The problem is that the gnome-keyring-dameon hijacks the inter process communication (IPC) between gpg and gpg-agent. It implements a very limited set of commands of gpg-agent but nothing more. Recent versions of GnuPG detect this and show a warning message or pop-up to tell you just this. Depending on the version of gnome-keyring-daemon, it is possible to disable the gpg-agent hijacking component. Unfortunately it is hard to convince the maintainer to disable this mis-features. > Otherwise if I run gpg --card-status with a card in the USB card reader > I get the following: You are using gpg 1.4.x which can directly talk to the card. However, latest card features are not supported by 1.4 but only by GnuPG 2.x. See the mail thread starting with this mail for details: http://lists.gnupg.org/pipermail/gnupg-devel/2014-August/028689.html > I presume, the system is misconfigured is some way. Any one got any > suggestions? You may want to bring this to the attention of your Linux distribution. The solution could be easy: The gpg-agent component needs to be disabled when build gnome-keyring-daemon: ./configure --disable-gpg-agent Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
gnupg privicy assistant - card manager.
I hope this is the correct list to raise this issue at? The GNU Privicy assistant seems to be working fine, when I start it I can see a list of my keys. I'd like to use the card manager function, but whenever I invoke it the application returns the error "Error accessing the card", and the status bar reports "Checking for card .. " Looking at my system logs, start to fill up with: gnome-keyring-daemon[5531]: unrecognized command: SCD gnome-keyring-daemon[5531]: unrecognized command: GETEVENTCOUNTER gnome-keyring-daemon[5531]: unrecognized command: GETEVENTCOUNTER The last two lines are repeated continiously until the card manager is closed. Otherwise if I run gpg --card-status with a card in the USB card reader I get the following: gpg: detected reader `Alcor Micro AU9540 00 00' Application ID ...: D2760001240102051EAD Version ..: 2.0 More stuff follows - but shows the card reader is functional. At the command prompt I can enter the gpg --card-edit and read and edit the card parameters. I presume, the system is misconfigured is some way. Any one got any suggestions? Thanks ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
