[pkg-gnupg-maint] Bug#854005: Bug#854005: ssh-agent no longer works
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Feb 7 03:57:59 UTC 2017
On Mon 2017-02-06 14:39:34 -0500, NIIBE Yutaka wrote:
> I think that an explanation like following is good.
>
> If you want to use PC/SC service, please add
>
> disable-ccid
>
> in .gnupg/scdaemon.conf. Or do:
>
> echo disable-ccid:0:1 | gpgconf --change-options scdaemon
My only concern with this explanation is that most people (even those
with smartcards!) have *no*idea* whether they "want to use PC/SC
service." They just bought a smartcard (or were given one by their
employer or their government or their friend or whatever) and they know
they're supposed to use it.
Can we offer a user experience that doesn't involve them making a choice
between two indistinguishable options?
A few ideas (no idea how plausible they are to implement, or even
whether they'd solve the problems people are having):
0) if pcscd is running and has claimed the smartcard, then by default
disable ccid?
1) for each device that is detected by ccid, try to access it. If it
is not accessible because someone else has it locked, and pcscd
appears to be running, and a similar-looking device is accessible
through pcsc, then skip the device entirely without complaint.
2) revert whatever the change was in 2.1.18 (handling multiple cards?)
that made things worse for people who had things working in 2.1.17
Any other suggestions?
Thanks for looking into this, gniibe! Sorry if it's frustrating, but
your expertise in thinking through these issues is very much
appreciated.
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20170206/6f23f760/attachment.sig>
More information about the pkg-gnupg-maint
mailing list