Mailing List Archive

Re: Gnupg-users Digest, Vol 225, Issue 8
Help
Unsubscribe

On Fri, Jun 24, 2022 at 6:21 PM <gnupg-users-request@gnupg.org> wrote:

> Send Gnupg-users mailing list submissions to
> gnupg-users@gnupg.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://lists.gnupg.org/mailman/listinfo/gnupg-users
> or, via email, send a message with subject or body 'help' to
> gnupg-users-request@gnupg.org
>
> You can reach the person managing the list at
> gnupg-users-owner@gnupg.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Gnupg-users digest..."
>
>
> Today's Topics:
>
> 1. Re: loopback issue signing git commits (?ngel)
> 2. gpa.exe hungs when click on "smartcards" AND scdaemon cannot
> recognise SC-HSM (Minas Argyrou)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Fri, 24 Jun 2022 02:02:47 +0200
> From: ?ngel <angel@pgp.16bits.net>
> To: gnupg-users@gnupg.org
> Subject: Re: loopback issue signing git commits
> Message-ID:
> <b87255e7a26e9e345f464583965e7bf840dc5f1c.camel@16bits.net>
> Content-Type: text/plain; charset="ISO-8859-15"
>
> On 2022-06-18 at 02:14 +0200, GH wrote:
> > Hi,
> >
> > I use gnupg in a remote server, I connect to via ssh
> >
> > I config gnupg as loopback, it ask me my gpg passwd in the command
> > line or in my emacs minibuffer when I use magit
> >
> > but when I commit in git, I sign my commits, but gpg ask me the
> > passwd
> > with GUI pinentry (in the remote server)
> >
> > In remote ssh connection I cant insert that password
> >
> > please, help
>
> What's the full gpg command line being run by git? I suspect it may be
> overriding some setting.
> Rather than using loopback to read it, I think it might be more
> apprpopriate to configure it to use pinentry-curses
>
> Regards
>
>
>
>
> ------------------------------
>
> Message: 2
> Date: Fri, 24 Jun 2022 20:47:55 +0000
> From: Minas Argyrou <minasargyrou@outlook.com>
> To: "gnupg-users@gnupg.org" <gnupg-users@gnupg.org>
> Cc: Minas Argyrou <minasargyrou@outlook.com>
> Subject: gpa.exe hungs when click on "smartcards" AND scdaemon cannot
> recognise SC-HSM
> Message-ID:
> <
> AM6PR06MB443824203DCEC58FA7BBA26FC1B49@AM6PR06MB4438.eurprd06.prod.outlook.com
> >
>
> Content-Type: text/plain; charset="utf-8"
>
> I am tring it get GnuPG to work with my SmartCard-HSM 4K on Windows, using
> the
> GP4Win bundle.
>
> Kleopatra doesn't recognise the SC-HSM 4K at all, even though, it DOES
> recognise the YubiKey 5 NFC in BOTH PIV and Openpgp Card apps.
>
> When trying to use the GPA.exe alternative, it just freezes when I click
> on
> the "smartcards" button; not sure if it's related.
>
> Trying to debug this, using CMD:
>
> scdaemon --server
> serialno
>
> I get the following result:
>
>
> > scdaemon[xxxxx]: detected reader 'ACS ACR38U 0' scdaemon[xxxxx]:
> > reader slot 0: not connected scdaemon[xxxxx]: pcsc_control failed:
> > invalid PC/SC error code (0x1) scdaemon[xxxxx]:
> > pcsc_vendor_specific_init: GET_FEATURE_REQUEST failed: 65547
> > scdaemon[xxxxx]: reader slot 0: active protocol: T1 scdaemon[xxxxx]:
> > slot 0: ATR=3bde18ff8191fe1fxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> > scdaemon[xxxxx]: error parsing PrKDF record: Invalid object
> > scdaemon[xxxxx]: no supported card application found: Invalid object S
> > PINCACHE_PUT 0// ERR 100696144 No such device <SCD>
>
> Below I am including my configuration files.
>
> scdaemon.conf
>
>
>
> ###+++--- GPGConf ---+++###
> verbose
> verbose
> verbose
> verbose
> verbose
> verbose
> verbose
> verbose
> verbose
> disable-ccid
> ###+++--- GPGConf ---+++### 09/06/y22 23:29:33 GTB Daylight Time
> # GPGConf edited this configuration file.
> # It will disable options before this marked block, but it will
> # never change anything below these lines.
>
> #pcsc-shared
>
> I have tried all possible combinations with `disable-ccid` and
> `pcsc-shared`
> and nothing works.
>
>
> gpgagent.conf
>
>
> ###+++--- GPGConf ---+++###
> enable-extended-key-format
> ignore-cache-for-signing
> no-allow-external-cache
> no-allow-loopback-pinentry
> grab
> pinentry-timeout 10
> verbose
> verbose
> verbose
> verbose
> verbose
> verbose
> verbose
> verbose
> verbose
> ssh-fingerprint-digest SHA384
> ###+++--- GPGConf ---+++### 18/04/y22 07:30:51 GTB Daylight Time
> # GPGConf edited this configuration file.
> # It will disable options before this marked block, but it will
> # never change anything below these lines.
>
> enable-putty-support
> enable-ssh-support
> use-standard-socket
> default-cache-ttl 600
> max-cache-ttl 7200
>
> gpgsm.conf
>
>
> ###+++--- GPGConf ---+++###
> auto-issuer-key-retrieve
> enable-crl-checks
> enable-ocsp
> verbose
> verbose
> verbose
> verbose
> verbose
> verbose
> verbose
> verbose
> verbose
> include-certs -1
> cipher-algo AES256
> ###+++--- GPGConf ---+++### 01/04/y22 19:10:26 GTB Daylight Time
> # GPGConf edited this configuration file.
> # It will disable options before this marked block, but it will
> # never change anything below these lines.
>
> I was never able to get the SC-HSM to work with GnuPG, even though it is
> supposedly supported. This is the current time I am trying to figure it
> out.
> This time, I haven't played with anything else than scdaemon.conf, but, as
> far
> as I can tell, the SC-HSM didn't work even with the defaults on a fresh
> install.
>
> The card otherwise works nicely with everything else. Any help would be
> greatly appreciated!
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220624/30971d48/attachment.html
> >
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: smime.p7s
> Type: application/pkcs7-signature
> Size: 6027 bytes
> Desc: not available
> URL: <
> https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220624/30971d48/attachment.bin
> >
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> https://lists.gnupg.org/mailman/listinfo/gnupg-users
>
>
> ------------------------------
>
> End of Gnupg-users Digest, Vol 225, Issue 8
> *******************************************
>