[pkg-gnupg-maint] Bug#854005: Bug#854005: ssh-agent no longer works

Sat Feb 4 17:37:52 UTC 2017

On Fri, Feb 03, 2017 at 09:40:35AM +0900, NIIBE Yutaka wrote:
> Hello,
> 
> Thanks to dkg to explicitly CC me.
> 
> On Thu 2017-02-02 17:54:26 -0500, Wouter Verhelst wrote:
> > Since a recent upgrade, gnupg-agent no longer finds the authentication
> > (SSH) key on my OpenPGP smartcard:
> >
> > wouter at gangtai:~$ gpg --card-status
> 
> It should be an issue of scdaemon.  For 2.1.18, I added multiple card
> reader support.  This might be a possible cause.  Please let me know, if
> 2.1.17 worked fine or not.

Here I can confirm I was able to access my Yubikey with GnuPG/scdaemon
2.1.17 in Debian stretch fine until the 2.1.18 upgrade. Then it started
to completely fail with:

[996]anarcat at curie:~$ LANG=C gpg --card-status
gpg: selecting openpgp failed: No such device
gpg: OpenPGP card not available: No such device

... which is slightly different from the bug report here. The
workaround is the same though,  just adding "disable-ccid" to
.gnupg/scdaemon.conf fixes the problem.

This seems like an important regression, however. If "disable-ccid"
should absolutely be added by users, this should be noted in the
NEWS.Debian file. Alternatively, this should "just work" regardless of
whether it's enabled or not.

Thanks!

a.

PS: the details of my yubikey setup can be found here:

https://anarc.at/blog/2015-12-14-yubikey-howto/

It should be fairly standard, and I added a reference to this bug there.

-- 
The survival of humans and other species on planet Earth in my view can
only be guaranteed via a timely transition towards a stationary
state, a world economy without growth.
                         - Peter Custers
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20170204/6396c34b/attachment.sig>