scute / firefox: cannot connect to GPG agent
Fabian Peter Hammerle
fabian.hammerle at gmail.com
Mon Jun 5 19:54:47 CEST 2017
> Did you import your new certificate onto the Yubikey? Because independently
> of what your gpgsm store may contain, Scute will always try to fetch the
> certificate from the token itself.
Ah, I didn't know I had to write the certificate onto the Yubikey.
I only imported it into gpgsm following this guide:
http://scute.org/scute.html/Certificate-Preparation.html
> Could you extract the certificate from the smartcard and have a look at it?
> $ gpg --card-edit
> gpg/card> readcert 3 > file.der
> gpg/card> quit
$ od -x file.der
> 0000000 217f 0082 ffff ffff ffff ffff ffff ffff
> 0000020 ffff ffff ffff ffff ffff ffff ffff ffff
> *
> 0000400 ffff 00ff
> 0000403
I just tried to write the certificate onto the Yubiykey:
$ gpg --edit-card
Reader ...........: Yubico Yubikey 4 OTP U2F CCID 00 00
[...]
ssb> rsa4096/3AA08B6113EC625C created: 2016-12-25 expires: never
[...]
gpg/card> admin
Admin commands are allowed
gpg/card> writecert 3 <new-cert.der
gpg: error writing certificate to card: Provided object is too large
Do I have to choose a smaller key size?
Thanks a lot
Fabian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: </pipermail/attachments/20170605/bbbf3fd4/attachment.sig>
More information about the Gnupg-users
mailing list