On Thu, Oct 27, 2016 at 4:42 PM, Corey Sheldon sheldon.corey@openmailbox.org wrote:
On 10/27/2016 02:20 AM, Laverne Schrock wrote:
Hi,
I have several Fedora 24 boxes, all of which have /home from NFS. Some of these boxes were fresh installs and some are upgrades from 23 (some of which were fresh installs, and some of which were probably upgrades from 22, etc).
On the fresh installs, running `gpg2 --card-status` prints out the card info. On the upgraded boxes, running the same command gives
gpg: selecting openpgp failed: No such device gpg: OpenPGP card not available: No such device
On both boxes, `rpm -qa | grep gnupg | sort` gives
gnupg-1.4.21-1.fc24.x86_64 gnupg2-2.1.13-2.fc24.x86_64 gnupg2-smime-2.1.13-2.fc24.x86_64
On both boxes, `rpm -qa | grep pcsc` gives
pcsc-lite-1.8.17-2.fc24.x86_64 pcsc-lite-ccid-1.4.23-1.fc24.x86_64 pcsc-lite-libs-1.8.17-2.fc24.x86_64
On both boxes, `ps ax -o user,stat,command | grep scd` gives
root Ssl /usr/sbin/pcscd --foreground --auto-exit schr1230 SLl scdaemon --multi-server
On the fresh boxes, the pcscd process sometimes dies, but it comes right back when I run `gpg2 --card-status` again. It doesn't seem to die on the old (non-working) boxes.
I've checked dmesg and the device is being detected. It is a Yubikey Neo. On the upgraded machines, when I log out after trying this (or even just Ctrl-Alt-F1 to gdm) there is a popup that says
Authentication is required to access the smartcard. Administrator Password: <box for pw here>
Entering the password has no effect.
Any idea on what might be different on these older systems that prevent this from working?
Thanks, Laverne Schrock _______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-leave@lists.fedoraproject.org
At this point:
Authentication is required to access the smartcard. Administrator Password: <box for pw here>
what admin password are you using the local system admin password or the smartcard admin password ( which on MOST smartcards, assuming no `unblock pin` has been run is 123456
I was trying the local root password. It didn't occur to me to try using the admin PIN. I'll try that next time I'm able to reproduce the prompt (turns out it is a little intermittent). That said, one really *shouldn't* need the admin pin for everyday tasks.
-
Laverne Schrock