Hi, I'm using gnupg with an OpenPGP smartcard since a few days now and basically it works very well. However, one thing bothers me a bit: Neither the cache-timeout options (gpg-agent) nor the card-timeout option (scdaemon) seem to work. I have set all timeouts to very low values but the PIN is still cached forever (by the card?), as long as the card is not removed and scdaemon is running. Sending SIGHUP to scdaemon does not work either although the manpage is suggesting this. Only killing scdaemon with SIGKILL helps. The LED on the card reader (SCR-335) remains always on after using it for the first time. For keys that are not on the smartcard the cache-timeout works correctly.
Another thing, which is probably connected to the cache problem, is that I have to kill the scdaemon (with SIGKILL) after disconnecting and reconnecting the card reader to get it working again. If I don't kill scdaemon gnupg complains: gpg: selecting openpgp failed: ec=6.32848 gpg: OpenPGP card not available: general error Any ideas to resolve this? Are these problems card reader (SCR-335) specific? I think the cache-timeout/card-timeout options are crucial for security because without them it seems that the only way to prevent the card from being unlocked all the time is to manually remove the card or to kill the scdaemon. Regards, Marco _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
