[pkg-gnupg-maint] Bug#854005: Bug#854005: ssh-agent no longer works

Wouter Verhelst w at uter.be
Fri Feb 3 11:08:02 UTC 2017 

On Fri, Feb 03, 2017 at 09:40:35AM +0900, NIIBE Yutaka wrote:
> Hello,
> 
> Thanks to dkg to explicitly CC me.
> 
> On Thu 2017-02-02 17:54:26 -0500, Wouter Verhelst wrote:
> > Since a recent upgrade, gnupg-agent no longer finds the authentication
> > (SSH) key on my OpenPGP smartcard:
> >
> > wouter at gangtai:~$ gpg --card-status
> 
> It should be an issue of scdaemon.  For 2.1.18, I added multiple card
> reader support.

Awesome! That's been something I've been wanting to look into myself for
quite a while now. Good that I don't have to anymore ;-)

> This might be a possible cause.  Please let me know, if 2.1.17 worked
> fine or not.

I just downgraded to 2.1.17-6 (using snapshot.debian.org), and all works
fine again.

Side note (this might be related, but didn't think of that last night):

wouter at gangtai:~$ cat .gnupg/scdaemon.conf
reader-port O2 Micro Oz776 01 00
log-file /home/wouter/.gnupg/scdaemon.log
pcsc-driver libpcsclite.so

I did fiddle with the "reader-port" line a bit last night, but that
didn't fix things. Given that 2.1.18 does multi card reader support,
that may no longer be needed, either.

The "pcsc-driver" is necessary in my case, otherwise my day job
(supporting the software on http://eid.belgium.be) becomes very tedious
(and is also why I sometimes have two or three card readers connected to
my laptop at the same time...).

> Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:
> > is the key you expect to use listed in ~/.gnupg/sshcontrol ?  I'd expect
> > it to be listed by its keygrip, which i think is:
> >
> >     40277D42041E8A6E9AC9206FB335DDBA4B57A505
> 
> No, this line is not needed for card; It is automatically available for
> auth key on card.
> 
> I'm now at NRT airport to BRU.

Interesting. I live 10 minutes away (by train) from that airport :-)

I take it you'll be at FOSDEM? I'll be giving a talk in the
IaaS/Virtualization devroom at 14:00 on saturday[1]. If it helps, I'll
have my laptop with me (and a few cardreaders too, probably); we can
then debug things face to face if you want me to.

[1] https://fosdem.org/2017/schedule/event/iaas_netblodev/

-- 
< ron> I mean, the main *practical* problem with C++, is there's like a dozen
       people in the world who think they really understand all of its rules,
       and pretty much all of them are just lying to themselves too.
 -- #debian-devel, OFTC, 2016-02-12

More information about the pkg-gnupg-maint mailing list