Re: It takes 8-9 secs until pinentry asks for the PIN of the OpenPGP card
Hello, Matthias Apitz wrote: > It seems that the first time is longer. I will increase the debug-level > for scdaemon. Thank you for the information. I think that it's better to debug how PC/SC goes. To get full debug log in lower level, you can invoke pcscd manually with root: # LIBCCID_ifdLogLevel=0x pcscd -f --debug -- ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: It takes 8-9 secs until pinentry asks for the PIN of the OpenPGP card
El día jueves, mayo 16, 2024 a las 04:09:44 +0900, NIIBE Yutaka escribió: > Hello, > > Matthias Apitz wrote: > > It seems that the first time is longer. I will increase the debug-level > > for scdaemon. > > Thank you for the information. I think that it's better to debug how > PC/SC goes. > > To get full debug log in lower level, you can invoke pcscd manually with > root: > > # LIBCCID_ifdLogLevel=0x pcscd -f --debug This isn't that easy. The pcscd is running (when needed) as: purism@pureos:~$ ps ax | grep pcscd 2151 ?Ssl0:00 /usr/sbin/pcscd --foreground --auto-exit it is launched by a system service: root@pureos:/home/purism# systemctl status pcscd ● pcscd.service - PC/SC Smart Card Daemon Loaded: loaded (/lib/systemd/system/pcscd.service; indirect; vendor pres> Drop-In: /usr/lib/systemd/system/pcscd.service.d └─librem5.conf Active: active (running) since Thu 2024-05-16 10:02:44 CEST; 12s ago TriggeredBy: ● pcscd.socket Docs: man:pcscd(8) Process: 27601 ExecStartPre=/bin/bash -c echo 1 > /sys/class/leds/smc_en/> Process: 27602 ExecStartPre=/bin/bash -c echo 1 > /sys/class/leds/smc_en/> Main PID: 27603 (pcscd) Tasks: 5 (limit: 3015) Memory: 752.0K CPU: 303ms CGroup: /system.slice/pcscd.service └─27603 /usr/sbin/pcscd --foreground --auto-exit I killed a running pcscd and started it as root as you say, but this make gpg-agent failing to communicate. I have to figure out how to set your env var LIBCCID_ifdLogLevel=0x and to where the debug log of pcscd goes in this case. This will take a while matthias -- Matthias Apitz, ✉ g...@unixarea.de, http://www.unixarea.de/ +49-176-38902045 Public GnuPG key: http://www.unixarea.de/key.pub I am not at war with Russia. Я не воюю с Россией. Ich bin nicht im Krieg mit Russland. ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: It takes 8-9 secs until pinentry asks for the PIN of the OpenPGP card
Hello, Matthias Apitz wrote: > This isn't that easy. The pcscd is running (when needed) as: > > purism@pureos:~$ ps ax | grep pcscd >2151 ?Ssl0:00 /usr/sbin/pcscd --foreground --auto-exit > > it is launched by a system service: I see. IIUC, PureOS is Debian based. There should be a file for systemd as /lib/systemd/system/pcscd.service. Its content is something like: == [Unit] Description=PC/SC Smart Card Daemon Requires=pcscd.socket Documentation=man:pcscd(8) [Service] ExecStart=/usr/sbin/pcscd --foreground --auto-exit $PCSCD_ARGS ExecReload=/usr/sbin/pcscd --hotplug EnvironmentFile=-/etc/default/pcscd [Install] Also=pcscd.socket == Then, to debug PC/SC service, you can have a file /etc/default/pcscd with: == PCSCD_ARGS=--debug LIBCCID_ifdLogLevel=0x == Kill pcscd by systemctl, if any. Kill the scdaemon by: $ gpgconf --kill scdaemon And then, when you try to access OpenPGP card by SSH or GnuPG, gpg-agent invokes scdaemon, scdaemon tries to access PC/SC service, pcscd is invoked by socket activation with systemd. You can see the debug log by journalctl. -- ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: It takes 8-9 secs until pinentry asks for the PIN of the OpenPGP card
El día viernes, mayo 17, 2024 a las 01:39:55 +0900, NIIBE Yutaka escribió: > Hello, > > Matthias Apitz wrote: > > This isn't that easy. The pcscd is running (when needed) as: > > > > purism@pureos:~$ ps ax | grep pcscd > >2151 ?Ssl0:00 /usr/sbin/pcscd --foreground --auto-exit > > > > it is launched by a system service: > > I see. IIUC, PureOS is Debian based. There should be a file for systemd > as /lib/systemd/system/pcscd.service. Its content is something like: > ... I did it already with editing/creating the files and commands below. Putting '--debug' in an variable with Environment= as your hint is far more elegant and would remove the service override.conf method. The output went to /var/log/syslog, some 10.000 lines of one PIN request. I haven't found time to study them. matthias /lib/systemd/system/pcscd.service: [Unit] Description=PC/SC Smart Card Daemon Requires=pcscd.socket Documentation=man:pcscd(8) [Service] ExecStartPre=/bin/bash -c "echo 1 > /sys/class/leds/smc_en/brightness && sleep 2" ExecStart=/usr/sbin/pcscd --foreground --auto-exit ExecReload=/usr/sbin/pcscd --hotplug [Install] Also=pcscd.socket /etc/systemd/system/pcscd.service.d/override.conf: [Unit] Description=PC/SC Smart Card Daemon Requires=pcscd.socket Documentation=man:pcscd(8) [Service] ExecStartPre=/bin/bash -c "echo 1 > /sys/class/leds/smc_en/brightness && sleep 2" # ExecStart=/usr/sbin/pcscd --foreground --auto-exit --debug ExecReload=/usr/sbin/pcscd --hotplug [Install] Also=pcscd.socket /usr/lib/systemd/system/pcscd.service.d/librem5.conf: [Service] Environment="LIBCCID_ifdLogLevel=0x" ExecStartPre=/bin/bash -c "echo 1 > /sys/class/leds/smc_en/brightness && sleep 5" ExecStopPost=/bin/bash -c "echo 0 > /sys/class/leds/smc_en/brightness" StandardOutput=syslog StandardError=syslog systemctl stop pcscd.service systemctl daemon-reload systemctl start pcscd.service -- Matthias Apitz, ✉ g...@unixarea.de, http://www.unixarea.de/ +49-176-38902045 Public GnuPG key: http://www.unixarea.de/key.pub I am not at war with Russia. Я не воюю с Россией. Ich bin nicht im Krieg mit Russland. ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
