On Thu, 1 Mar 2018 10:08, k...@glsys.de said:
> i found this ct 2017-10 (german computer magazine) Article,
> where they claim the reader to be working with the openpgp smartcard Version
> 2.1
> by transfering precreated 4096-Bit keys. This is exactly what i am
Well most drivers work on Window
Thank you all for the support!
The mail about needing support for the V3.3 cards in opensc pointed me in the
right direction.
I relied on the information that the V3.3 is backwards compatible to the V2.1
but this does not seem to be the case.
Compiling a fresh gpg 2.2.5 with --enable-ccid-driver
Hello Klaus,
On Thursday, 01 March 2018 10:08:14 CET Klaus Römer wrote:
> This is my target device because it is build-in in our Laptops,
> i found this ct 2017-10 (german computer magazine) Article,
> where they claim the reader to be working with the openpgp smartcard Version
> 2.1 by transferin
> Am 28.02.2018 um 15:56 schrieb Werner Koch :
>
> On Tue, 27 Feb 2018 01:04, k...@glsys.de said:
>
>> gpg2 --version is 2.1.11
>
> That is a pretty old an somewhat buggy version which will likely have
> problems with newer smartcards.
>
>> Tried gpg (GnuPG/MacGPG2) 2.2.3
>> on a completely di
El día Thursday, March 01, 2018 a las 09:14:15AM +0900, NIIBE Yutaka escribió:
> Hello,
>
> Werner Koch wrote:
> > @gniibe: Do you have any more up to date information on macOS and
> > smartcard readers?
>
> If possible, I recommend to use GnuPG's in-stock driver to access
> smartcard. It is d
Hello,
Werner Koch wrote:
> @gniibe: Do you have any more up to date information on macOS and
> smartcard readers?
If possible, I recommend to use GnuPG's in-stock driver to access
smartcard. It is direct access by libusb, not using PC/SC service.
For GNU/Linux, if you don't have any other use
On Tue, 27 Feb 2018 01:04, k...@glsys.de said:
> gpg2 --version is 2.1.11
That is a pretty old an somewhat buggy version which will likely have
problems with newer smartcards.
> Tried gpg (GnuPG/MacGPG2) 2.2.3
> on a completely different machine (mac)
That version is recent enough and as long a
Hello Klaus,
On Tuesday, 27 February 2018 01:04:27 CET Klaus Römer wrote:
> i bought two V3.3 cards, but can`t get them to work …
> the keytocard command does not move the key but copy it and further on the
> gpg2 --card-status -> fetch followed by gpg2 --card-status does not create
> the stub key
Hello,
i bought two V3.3 cards, but can`t get them to work …
the keytocard command does not move the key but copy it and further on the gpg2
--card-status -> fetch
followed by gpg2 --card-status does not create the stub keys, so gpg2
--list-secret-keys does not show any keys ...
I have the same
Hi all,
thank you Damien and Werner for your recent replies.
Even if the reader is performing o.k. now to my amassment.
When I used the feature to create the keys on the card I ran to some
strange and not reproducible problems.
I think this is what Werner refers to. Once I decided to create the ke
On Fri, 6 Jan 2017 14:52, dgouttegat...@incenp.org said:
> For what is worth, I have two such readers, which are working
> flawlessly with the ccid driver [1] and with 2048-bit keys. I have not
> tried them with the internal driver.
IIRC, I added some workarounds but eventually gave up due to to
On 01/06/2017 10:06 AM, gnupg-users.d...@o.banes.ch wrote:
I was under the impression the OmniKey 3121 is a real reader since it is
on the how to [1].
For what is worth, I have two such readers, which are working flawlessly
with the ccid driver [1] and with 2048-bit keys. I have not tried them
Hi Andrew,
thanks for you input. And I will gave it a try.
1) deactivated my script
2) added udev rule ACTION=="add", SUBSYSTEM=="usb",
ATTR{idVendor}=="076b", ATTR{idProduct}=="3022", RUN+="/usr/sbin/service
pcscd restart"
3) testdrive - reader unplug - plug in (USB)
Jan 06 13:55:00 compd kerne
Hi Kristian,
it is not the reader (USB Device) which is removed. It is the Card in
the reader.
I would not know how to monitor this with udev. Is this possible ?
Best regards
Dirk
On 06.01.2017 10:30, Kristian Fiskerstrand wrote:
On 01/06/2017 10:06 AM, gnupg-users.d...@o.banes.ch wrote:
> p.s
On 06/01/17 09:30, Kristian Fiskerstrand wrote:
> On 01/06/2017 10:06 AM, gnupg-users.d...@o.banes.ch wrote:
>> p.s. in the meantime a made a script which tails the scdaemon.log and
>> waits for "Removal of a card:"
>> and then kills the gpg-agent. Not a proper solution - but working so far.
>
> W
On 01/06/2017 10:06 AM, gnupg-users.d...@o.banes.ch wrote:
> p.s. in the meantime a made a script which tails the scdaemon.log and
> waits for "Removal of a card:"
> and then kills the gpg-agent. Not a proper solution - but working so far.
Why not use udev rule to watch for removal event?
--
---
Hi Werner,
thanks for your reply.
I was under the impression the OmniKey 3121 is a real reader since it is
on the how to [1].
What would be a good alternative bevore I buy another bad one.
And I have problems understanding how the issue is connected to the key
length.
The Problem as I see it fr
On Wed, 4 Jan 2017 21:14, gnupg-users.d...@o.banes.ch said:
> thanks for you reply but it is now not working at all. Even if my reader
> - Ominkey 3121 is listed in you link.
Omnikey readers simply don't work correctly with 2k keys or larger. Get
a real reader and not that messy hardware which
Hi Peter,
thanks for you reply but it is now not working at all. Even if my reader
- Ominkey 3121 is listed in you link.
o.k. I removed pcscd and changed the scdaemon.conf to this:
card-timeout 5
#disable-ccid
debug-level basic
log-file /home/dirk/scdaemon.log
debug-ccid-driver
scdaemon Log
201
I think you should be able to use this card reader without pcscd, using the
internal CCID driver of GnuPG[1]. Just stop and disable pcscd, hopefully GnuPG
will find the reader and use it right away. That might solve your problem. I use
GnuPG's internal CCID driver, and it is completely resilient ag
Hello all,
I recently changed to the GnuPG Smartcard which in general works fine
for eMail and for SSH authentication (on Ubuntu 16.10).
The only problem I encountered was that when I pull the card from the
reader and reinsert it the gpg-agent will not recover.
I have to kill him gpgconf --kill
Hello Peter,
Don't worry I can understand.
I will look your new way, and yes pinpad usage is may be the problem, I will
look for that also (but as I have see on rescue mode after boot PINPAD askpass
PIN works fine to pinpad, may be and surely the problem is during boot phase).
Many thanks agai
On 21/05/14 15:24, tux.tsn...@free.fr wrote:
> Could you tel me what reader you use ?
I'm sorry that I currently don't have the time to help you properly.
I used an SCM SCR3310 while "developing" the scripts, but on my main PC (which I
did not use), I use an SCM SPR532.
Yesterday, I suddenly rea
Hello Peter,
Could you tel me what reader you use ?
Thanks in advanced.
Best Ragards
- Mail original -
De: "tux tsndcb"
À: "Peter Lebbing"
Cc: gnupg-users@gnupg.org
Envoyé: Mardi 20 Mai 2014 17:28:20
Objet: Re: gnupg smartcard on boot for LUKS on sid debian
riginal -
De: "tux tsndcb"
À: "Peter Lebbing"
Cc: gnupg-users@gnupg.org
Envoyé: Mardi 20 Mai 2014 16:03:58
Objet: Re: gnupg smartcard on boot for LUKS on sid debian howto ?
Hello Peter,
If I done :
gpg --card-status --debug-ccid-driver => I have no error, so no
Hello Peter,
If I done :
gpg --card-status --debug-ccid-driver => I have no error, so normaly it is
good, isn't it ?
and if I done :
echo scd getinfo reader_list | gpg-connect-agent --decode | awk '/^D/ {print
$2}'
answer
0982:0008:00F5:0
it is well my smartcard reader with my smartcard
Hello Peter
- Mail original -
De: "Peter Lebbing"
À: "tux tsndcb"
Cc: gnupg-users@gnupg.org
Envoyé: Lundi 19 Mai 2014 20:01:38
Objet: Re: gnupg smartcard on boot for LUKS on sid debian howto ?
> But I've always :
>
> gpg: pcsc_etablish_context failed:
Hello,
> First good news, as I tell you during initramfs generation, I see no
> trace for /etc/key/cryptkey.gpg, but this file is obligatory OK
> because passphrase works on boot (with gpg.conf in /etc/keys) (may be
> it it's because my test is for /data/test encrypted FS and not /)
Indeed you wi
Hello Peter,
First good news, as I tell you during initramfs generation, I see no trace for
/etc/key/cryptkey.gpg, but this file is obligatory OK because passphrase works
on boot (with gpg.conf in /etc/keys) (may be it it's because my test is for
/data/test encrypted FS and not /)
But I've alw
Hi Peter,
Thanks for your answer
- Mail original -
De: "Peter Lebbing"
À: "tux tsndcb"
Cc: gnupg-users@gnupg.org
Envoyé: Dimanche 18 Mai 2014 22:04:18
Objet: Re: gnupg smartcard on boot for LUKS on sid debian howto ?
On 18/05/14 18:51, tux.tsn...@free.fr wrote:
On 18/05/14 22:25, tux.tsn...@free.fr wrote:
> PS : I've done new tests with update-initramfs -u -vv -k all to have
> verbose generated initramfs, but I see no /etc/keys/secring.gpg or
> /etc/keys/cryptkey.gpg, is it normal ? but I see well : Calling hook
> cryptgnupg_sc and Calling hook cryptgnupg
On 18/05/14 18:51, tux.tsn...@free.fr wrote:
> I need to check to use gnupg_ccid instead pcsc on your script
pcscd is not installed in the initramfs :). So your reader should be
supported by the internal driver of GnuPG for it to work.
You might have noticed you can optionally put a gpg.conf in /
Hi Peter,
My first return on jessie, on boot ask me PIN to decrypt but failed, but it is
normal, here messages :
Performing GPG key decryption
Enter Smartcard PIN or passphrase for key /etc/keys/cryptkey.gpg
gpg pcsc_establish_context failed : no service (0x8010001d)
gpgh card reader not availab
Hi Peter,
- Mail original -
De: "Peter Lebbing"
À: "tux tsndcb" , gnupg-users@gnupg.org
Envoyé: Dimanche 18 Mai 2014 12:52:52
Objet: Re: gnupg smartcard on boot for LUKS on sid debian howto ?
On 16/05/14 16:06, tux.tsn...@free.fr wrote:
> I answer my self, afte
On 16/05/14 16:06, tux.tsn...@free.fr wrote:
> I answer my self, after, many many tests done, in fact it isn't
> actually possible to do it under sid debian => root cause bug on
> systemd :
That's a pity it doesn't work on sid. I've been meaning to look into
this since you brought it up, and I fin
Hi all,
I answer my self, after, many many tests done, in fact it isn't actually
possible to do it under sid debian => root cause bug on systemd :
Debian Bug report logs - #618862
systemd: ignores keyscript in crypttab
link here : https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618862
Best R
Hi Thomas,
I believe this blog article could be a useful reference:
https://blog.kumina.nl/2010/07/two-factor-luks-using-ubuntu/
I've tested it on my sid debian with my pinpad reader, but the mean matter,
it's on boot my debian failed to acces to my smartcard.
Does somebody have sucessfully u
Hello Peter,
I've read the README.gnupg file in cryptsetup, and it is indicate 3 steps to do
:
1) First, you'll have to create the encrypted keyfile by:
# dd if=/dev/random bs=1 count=256 | gpg --no-options --no-random-seed-file \
--no-default-keyring --keyring /dev/null --secret-keyrin
Hello all,
Someone has an idea to do that please and how to do that ?
All help is appreciated.
Thanks in advanced.
Best Regards.
- Mail original -
De: "tux tsndcb"
À: "Thomas Harning Jr."
Cc: gnupg-users@gnupg.org
Envoyé: Mercredi 16 Avril 2014 22:19:28
Objet: Re
key.gpg file, and if it's
> wrong or broken ask me the usual passphrase.
>
>
> So could you explain us step by step, how to add this key.gpg as
> passphrase on a existing lvm crypted partition and how to have gnupg
> smartcard activate on boot to decrypt
Peter Lebbing" , gnupg-users@gnupg.org
Envoyé: Mercredi 16 Avril 2014 21:32:22
Objet: Re: gnupg smartcard on boot for LUKS on sid debian howto ?
I believe this blog article could be a useful reference:
https://blog.kumina.nl/2010/07/two-factor-luks-using-ubuntu/
This happens to work beauti
it's wrong or broken
ask me the usual passphrase.
So could you explain us step by step, how to add this key.gpg as passphrase on
a existing lvm crypted partition and how to have gnupg smartcard activate on
boot to decrypt the key.gpg file ?
Thanks in advanced for your return.
PS : my
Am Thu, 17 Mar 2011 10:02:43 +0100
schrieb Werner Koch :
> On Wed, 16 Mar 2011 19:31, malte.g...@gmx.de said:
>
> > currently I have some trouble to get my Cyberjack running with
> > PCSC. So I wonder, can GnuPG (2.0.16) also work with CTAPI drivers?
>
> I doubt that. CTAPI has not been used fo
Hello,
currently I have some trouble to get my Cyberjack running with PCSC. So I
wonder, can GnuPG (2.0.16) also work with CTAPI drivers?
Thanx
Malte
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-user
On Mon, 19 Oct 2009 20:55, tux.tsn...@free.fr said:
> Could you tell me if you've a debug tools to test reader's keypad with a
> GnuPG smartcard V2 ?
No I don't have any special tools. I debugged it by changing
ccid-driver.c. On a higher level there is gpg-connect-age
Hello Werner,
Could you tell me if you've a debug tools to test reader's keypad with a GnuPG
smartcard V2 ?
Or could you explain please how you've done your tests and valided the reader's
keypad with a GnuPG smartcard V2 ?
Thanks in advanced for your a
2009/6/13 :
> Not sure if I saw any recommendations and so a second request herewith for
> _friendly_, _helpful_ user lists or forum on Claws mail client for Windows
> XP
I suggest trying a Claws related mailing list. This list is for gnupg
discussions and hence the lack of replies.
Ben
__
On Tue, Jun 9, 2009 at 9:09 AM, Subu wrote:
> On Mon, Jun 8, 2009 at 11:43 AM, Werner Koch - w...@gnupg.org
> <+gpg2+maniams+381edcc67a.wk#gnupg@spamgourmet.com> wrote:
>
>> On Sat, 6 Jun 2009 22:52, malte.g...@gmx.de said:
>>
>> > Does the GPG4Win pac
Werner Koch schrieb:
> On Tue, 9 Jun 2009 06:50, cl...@thewildbeast.co.uk said:
>
>> Try the newer version of claws-mail/gpg4win (light) found here:
>> http://www.claws-mail.org/win32/ This has SSL support using gnutls.
>
> That should be in Gpg4win 1.9.x as well. Quite some time ago we
> integ
On Mon, 8 Jun 2009 22:37, kloec...@kde.org said:
> got a '-' for this feature. Given this KMail clearly deserves a '+' in
> the IMAP category IMNSHO, bringing it pretty much on par with Claws. (I
I noticed that and bet that this is due to the false claims of
non-working Disconnected-IMAP - whi
On Tue, 9 Jun 2009 06:50, cl...@thewildbeast.co.uk said:
> Try the newer version of claws-mail/gpg4win (light) found here:
> http://www.claws-mail.org/win32/ This has SSL support using gnutls.
That should be in Gpg4win 1.9.x as well. Quite some time ago we
integrated the whole GNUTLS stuff just
On Tue, 9 Jun 2009 06:47, cl...@thewildbeast.co.uk said:
> Those magazine articles are almost always sloppy. When do the article
> writers ever consult with the developers? Often they seem like they
They ran several GnuPG related articles and in most cases they contacted
me during the evaluation
On Tue, 9 Jun 2009 09:09:35 +0400
gpg2.20.mani...@dfgh.net wrote:
> any pointers to _friendly_ user list / user forms for Claws on
> _Windows_XP_ would be appreciated
The gpg4win users list
http://lists.wald.intevation.org/mailman/listinfo/gpg4win-users-en
or the claws-mail-users list
claws-mai
On Mon, 08 Jun 2009 22:37:24 +0200
Ingo Klöcker wrote:
> I was a bit disappointed of this article.
Those magazine articles are almost always sloppy. When do the article
writers ever consult with the developers? Often they seem like they
spend no more 5 minutes 'testing' an app. Even the Claws M
On Mon, 08 Jun 2009 21:44:00 +0200
Malte Gell wrote:
> I see, Claws seems to have very capable filter capabilities. Ugly UI
> under Windows, but powerful ;-) I noticed, it does not support SSL
> encrypted transmission of pop/smtp passwords?
Try the newer version of claws-mail/gpg4win (light) fo
On Mon, Jun 8, 2009 at 11:43 AM, Werner Koch - w...@gnupg.org
<+gpg2+maniams+381edcc67a.wk#gnupg@spamgourmet.com> wrote:
> On Sat, 6 Jun 2009 22:52, malte.g...@gmx.de said:
>
> > Does the GPG4Win package support the GnuPG smartcard? Of course, given
> there is a
On Monday 08 June 2009, Werner Koch wrote:
> On Sat, 6 Jun 2009 22:52, malte.g...@gmx.de said:
> > Does the GPG4Win package support the GnuPG smartcard? Of course,
> > given there is a reader and its driver installed first...
>
> Yes.
>
> > And, how powerful is the
Werner Koch schrieb:
> On Sat, 6 Jun 2009 22:52, malte.g...@gmx.de said:
>> Does the GPG4Win package support the GnuPG smartcard? Of course, given there
>> is a reader and its driver installed first...
>
> Yes.
Indeed, GPG4Win works very smoothly.
>> And, how powerfu
On Sat, 6 Jun 2009 22:52, malte.g...@gmx.de said:
> Does the GPG4Win package support the GnuPG smartcard? Of course, given there
> is a reader and its driver installed first...
Yes.
> And, how powerful is the Claws client? Does it support multiple pop, smtp
> accounts and IMAP?
Hi there!
Does the GPG4Win package support the GnuPG smartcard? Of course, given there is
a reader and its driver installed first...
And, how powerful is the Claws client? Does it support multiple pop, smtp
accounts and IMAP?
Thanx a lot in advance
Malte
--
GMX FreeDSL mit DSL 6.000
On Tue, 6 May 2008 00:03, [EMAIL PROTECTED] said:
> I think I remember that 2048-bit RSA cards might be available soon...
> Was that by PPC Card? Any news on that?
We even have a new draft which allows to re-activate blocked card. New
cards will be done but that will take several months.
> P.S
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
(Had some very odd message from the MTA... sorry if this is a repost.
Not sure if my original posting made it to the list.)
Werner Koch schrieb:
> On Sun, 4 May 2008 04:00, [EMAIL PROTECTED] said:
>
>> The smartcard can store 3 1024-bit RSA keys. It
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Werner Koch schrieb:
> On Sun, 4 May 2008 04:00, [EMAIL PROTECTED] said:
>
>> The smartcard can store 3 1024-bit RSA keys. It cannot store a 2048-
>> bit key.
>
> That depends on the actual card. GnuPG implements a specification and
> allows all k
On Sun, 4 May 2008 04:00, [EMAIL PROTECTED] said:
> The smartcard can store 3 1024-bit RSA keys. It cannot store a 2048-
> bit key.
That depends on the actual card. GnuPG implements a specification and
allows all key sizes. There are some restrictions due to the limited
size of an APDU. The
Hello,
You can check out gnupg-pkcs11-scd [1], it does allow more keys
(1024/2048) for gpgsm and 2048 key for gpg.
Alon.
[1] http://gnupg-pkcs11.sourceforge.net
On 5/4/08, Su Lu <[EMAIL PROTECTED]> wrote:
> Hello All,
>
> I am currently working on GnuPG Smartcard, and
On May 3, 2008, at 5:58 PM, Su Lu wrote:
Hello All,
I am currently working on GnuPG Smartcard, and I am wondering
whether it is allowed for a GnuPG Smartcard to store multiple
1024/2048 bit RSA keys. Thanks a lot!
The smartcard can store 3 1024-bit RSA keys. It cannot store a 2048
Hello All,
I am currently working on GnuPG Smartcard, and I am wondering whether it is
allowed for a GnuPG Smartcard to store multiple 1024/2048 bit RSA keys. Thanks
a lot!
Best regards,
Su Lu
[EMAIL PROTECTED]
2008-05-03
___
Gnupg
Hello All,
I am currently working on GnuPG Smartcard, and I am wondering whether it is
allowed for a GnuPG Smartcard to store multiple 1024/2048 bit RSA keys. Thanks
a lot!
Best regards,
Su Lu
[EMAIL PROTECTED]
2008-05-03
___
Gnupg
Hello list,
this is probably something I should post to a KDE list as well, but
there are probably more users here who use a GnuPG smartcard along with
KDE than elsewhere.
Here's the thing: I got a GnuPG smartcard (but have yet to buy a card
reader) by becoming an fsfe.org fellow and li
* On Sun, 28 May 2006 23:12:34 +0200,
* Volker Dormeyer <[EMAIL PROTECTED]> wrote:
* On Sun, 28 May 2006 16:30:55 -0400,
* David Shaw <[EMAIL PROTECTED]> wrote:
> On Sun, May 28, 2006 at 08:24:14PM +0200, Volker Dormeyer wrote:
>> Hello all,
>>
>> recently I received a message which is e
Hi David,
thanks for the reply.
* On Sun, 28 May 2006 16:30:55 -0400,
* David Shaw <[EMAIL PROTECTED]> wrote:
> On Sun, May 28, 2006 at 08:24:14PM +0200, Volker Dormeyer wrote:
>> Hello all,
>>
>> recently I received a message which is encrypted with my public
>> authentication key inste
On Sun, May 28, 2006 at 08:24:14PM +0200, Volker Dormeyer wrote:
> Hello all,
>
> recently I received a message which is encrypted with my public
> authentication key instead of my encryption key.
>
> I wonder how this can happen, because I thought GnuPG does not use the
> authentication key as e
Hello all,
recently I received a message which is encrypted with my public
authentication key instead of my encryption key.
I wonder how this can happen, because I thought GnuPG does not use the
authentication key as encryption key. Am I wrong?
Further, I am not able to decrypt the message. I tr
On Mon, 14 Mar 2005 19:19:43 +0900, Kory T said:
> the list know whether it's possible to import off-card generated keys
> into OpenPGP Card which are larger than 1024bits? I now know that the
> card is only capable of 'generating' 1024bit keys on the card, but
> there should be enough space to s
try answer your question.
I am not sure whether GnuPG at this stage supports other cards
than
OpenPGP card. But for this card you may find some points
mentioned
below quite helpful:
The GnuPG Smartcard HOWTO
Written by Werner Koch <[EMAIL PROTECTED]>
v0.0, 2004-09-21
Ta
75 matches
Mail list logo
