Unable to access Crypto Stick with gpg2

Jan Ignatius email at janignatius.fi
Wed Feb 13 19:16:01 CET 2013


On Wed, 13 Feb 2013 11:55:59 +0100
Hauke Laging <mailinglisten at hauke-laging.de> wrote:

> Am Mi 13.02.2013, 07:46:31 schrieb Jan Ignatius:
> 
> > scdaemon[2740]: PC/SC OPEN failed: reader unavailable
> 
> I think this is the relevant problem with thr rest being the result
> of that. What are the access rights for the reader? Can your user
> account access it? Perhaps you need a suitable udev rule.
> 
> 
> Hauke

I may have missed something. I just restarted the machine
(which I had not done when trying to get the stick to work), performed 
the same actions again and got a different result:

$ gpg2 --card-status
gpg: selecting openpgp failed: Unsupported certificate
gpg: OpenPGP card not available: Unsupported certificate

$ sudo gpg2 --card-status
[sudo] password for jan: 
gpg: WARNING: unsafe ownership on configuration file
`/home/jan/.gnupg/gpg.conf' Application ID ...:
D276000124010200000500000C1D0000 Version ..........: 2.0
Manufacturer .....: ZeitControl
Serial number ....: 00000C1D
Name of cardholder: Jan Ignatius
Language prefs ...: en
Sex ..............: male
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: forced
Key attributes ...: 2048R 2048R 2048R
Max. PIN lengths .: 32 32 32
PIN retry counter : 3 0 3
Signature counter : 18
Signature key ....: 08EC 7FDC BAAA EEF5 AFE8  BEEC 8B71 471F 7F86 1262
      created ....: 2012-07-25 18:21:13
Encryption key....: F316 9042 B599 FE06 ABFC  BB42 1D72 A9D5 F7EB DE4B
      created ....: 2012-07-25 18:21:13
Authentication key: B2EB 65F2 31F8 6B30 B917  06A7 1A8B 1F48 BEA5 709F
      created ....: 2012-07-25 18:21:13
General key info..: [none]
scdaemon[3638]: updating slot 0 status: 0x0000->0x0007 (0->1)
$ scdaemon[3638]: scdaemon (GnuPG) 2.0.19 stopped
$

So at least gpg2 can access the card with sudo but the scdaemon dies
after the first attempt. 

Coming back to your original proposal, could you give me some guidance
on how i can check the user permissions for the Crypto Stick? I've only
gotten as far as identifying the card by doing tail -f /var/log/syslog
and then plugging in the device:

Feb 13 19:59:59 Sibelius kernel: [  145.733139] usb 1-1.2: >new full-speed USB device number 5 using ehci_hcd
Feb 13 19:59:59 Sibelius kernel: [  145.826321] usb 1-1.2: >New USB device found, idVendor=20a0, idProduct=4107
Feb 13 19:59:59 Sibelius kernel: [  145.826330] usb 1-1.2: >New USB device strings: Mfr=1, Product=2, SerialNumber=0
Feb 13 19:59:59 Sibelius kernel: [  145.826337] usb 1-1.2: >Product: Crypto Stick v1.2
Feb 13 19:59:59 Sibelius kernel: [  145.826342] usb 1-1.2: >Manufacturer: German Privacy Foundation
Feb 13 19:59:59 Sibelius mtp-probe: checking bus 1, device 5: "/sys/devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.2"
Feb 13 19:59:59 Sibelius mtp-probe: bus: 1, device: 5 was not an MTP device
Feb 13 19:59:59 Sibelius kernel: [  145.848956] WARNING! power/level is deprecated; use power/control instead
Feb 13 19:59:59 Sibelius pcscd: ccid_usb.c:1054:ControlUSB() control
failed (1/5): -9 Success

But I am at loss on how to proceed from here.

-- 
Jan <email at janignatius.fi>
PGP Key: https://janignatius.fi/pgp
PGP Key Fingerprint: 08EC 7FDC BAAA EEF5 AFE8  BEEC 8B71 471F 7F86 1262



More information about the Gnupg-users mailing list