[pkg-gnupg-maint] Bug#1102717: gnupg: fails to interact with HSM after upgrade from 2.2.46
Andrew Bower
andrew at bower.uk
Sat Apr 12 13:07:47 BST 2025
Hi Andreas,
On Sat, Apr 12, 2025 at 01:43:47PM +0200, Andreas Metzler wrote:
> On 2025-04-12 Andrew Bower <andrew at bower.uk> wrote:
> afaiui with gnupg 2.4 you have to either use gnupg's built-in ccid driver
> *instead* of pcdsd (i.e. stop pcscd from grabbing the device) or
> configure gnupg to *not* use the built-in ccid driver:
> scdaemon.1:
> --disable-ccid
> The integrated CCID driver for CCID compliant devices can be
> available when libusb was detected at build time, and it is used
> to access the smartcard reader. If access via PC/SC driver is
> needed, please configure this option to disable CCID driver sup‐
> port (if any). In GnuPG 2.2, there was a fallback mechanism from
> CCID driver to PC/SC driver. The fallback mechanism worked, be‐
> cause scdaemon in GnuPG 2.2 only supported a single token/reader.
> To support of multiple tokens/readers at the same time, fallback
> mechanism was removed.
>
> (This would be disable-ccid in ~/.gnupg/scdaemon.conf.)
Thank you, this works!
I'm happy for this to be resolved as an invalid bug but would it be
worth extending the NEWS entry to cover this issue?
--
Signing with gnupg/2.4.7-14 and a hardware security module :-)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnupg-maint/attachments/20250412/279fd925/attachment.sig>
More information about the pkg-gnupg-maint
mailing list