[pkg-gnupg-maint] Bug#889751: Bug#889751: scdaemon: BAD PIN since 2.2.4-2 upgrade
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri Feb 9 00:47:19 UTC 2018
Control: severity 889751 serious
Hi Corsac--
On Wed 2018-02-07 11:28:42 +0100, Yves-Alexis Perez wrote:
> On Tue, 2018-02-06 at 20:42 +0100, Yves-Alexis Perez wrote:
>
>> since the recent 2.2.4-2 upgrade, when trying to use my smartcard (auth
>> key for SSH for example), I get:
>>
>> févr. 06 20:37:35 scapa gpg-agent[1793]: scdaemon[26257]: verify CHV2 failed: Bad PIN
>> févr. 06 20:37:35 scapa gpg-agent[1793]: scdaemon[26257]: app_auth failed: Bad PIN
>> févr. 06 20:37:35 scapa gpg-agent[1793]: smartcard signing failed: Bad PIN
>>
>> even though I'm sure it's the right PIN.
ugh, i'm sorry to hear this.
>> At that point I'm a little reluctant in doing another try because it's
>> the last one before I need to get my admin PIN.
>
> Downgrading scdaemon, gpg-agent and gpgconf to 2.2.4-1 fixes the problem. If
> you need more information, please ask.
I think the main likely culprit is
debian/patches/scd-Support-KDF-Data-Object-of-OpenPGPcard-V3.3.patch,
which was cherry-picked from upstream.
Can you give more detail about what specific smartcard you have?
can you try rebuilding with that patch removed and testing that? If
you'd prefer i upload something to experimental for you to try without
having to rebuild, let me know and i'll do that.
> I've raised the severity to important, but actually I don't think scdaemon
> should migrate to testing as-is, so I'd be inclined to raise again to RC
> severity.
This e-mail raises the severity to serious, so it should prevent
migration until we've got this sorted out.
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20180208/58ea8eef/attachment.sig>
More information about the pkg-gnupg-maint
mailing list