[pkg-gnupg-maint] Bug#1071168: gnupg: Yubikey with KDF enabled: PKDECRYPT failed: Bad PIN
Julian Wollrath
jwollrath at web.de
Wed May 15 12:46:23 BST 2024
Package: gnupg
Version: 2.2.43-3
Severity: important
Dear Maintainer,
after updating to 2.2.43 I cannot use a key stored on a Yubikey (with
KDF enabled, not sure, if that matters) anymore, since the PIN is
rejected:
gpg-agent[38887]: detected card with S/N XXX
gpg-agent[38889]: scdaemon[38889]: sending signal 12 to client 38887
gpg-agent[38889]: [111B blob data]
gpg-agent[38889]: scdaemon[38889]: Prüfung des CHV2 fehlgeschlagen: Bad PIN
gpg-agent[38889]: scdaemon[38889]: app_decipher failed: Bad PIN
gpg-agent[38887]: smartcard decryption failed: Bad PIN
gpg-agent[38887]: command 'PKDECRYPT' failed: Bad PIN <SCD>
Downgrading to the version in testing (2.2.40) fixes the problem and
everything works again (using the same, correct PIN).
Best regards,
Julian
-- System Information:
Debian Release: trixie/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE:de
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages gnupg depends on:
ii dirmngr 2.2.43-3
ii gnupg-l10n 2.2.43-3
ii gnupg-utils 2.2.43-3
ii gpg 2.2.43-3
ii gpg-agent 2.2.43-3
ii gpg-wks-client 2.2.43-3
ii gpg-wks-server 2.2.43-3
ii gpgsm 2.2.43-3
ii gpgv 2.2.43-3
gnupg recommends no packages.
Versions of packages gnupg suggests:
pn parcimonie <none>
pn xloadimage <none>
-- no debconf information
--
() ascii ribbon campaign - against html e-mail
/\ - against proprietary attachments
More information about the pkg-gnupg-maint
mailing list