Omnikey 6121: cannot write to OpenPGP smart card

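I am trying to use an Omnikey 6121 smart card reader with an OpenPGP v2 smart card. As far as I can tell, the reader is recognized by gpg --card-status, and I am able to edit some card details such as the URL, name, etc.

However, when I try to issue the "keytocard" command, I get the following: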

gpg: writing new key
gpg: 3 Admin PIN attempts remaining before card is permanently locked

Please enter the Admin PIN
gpg: ccid_transceive failed: (0x10002)
gpg: apdu_send_simple(0) failed: invalid value
gpg: failed to store the key: invalid argument
gpg: error writing key to card: invalid argument

Same error with --debug-ccid-driver.

Similarly, if I just issue "generate":

gpg/card> generate
Make off-card backup of encryption key? (Y/n) n

Please enter the PIN
What keysize do you want for the Signature key? (2048) 
What keysize do you want for the Encryption key? (2048) 
What keysize do you want for the Authentication key? (2048) 
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 
Key does not expire at all
Is this correct? (y/N) y

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and E-mail Address in this form:
    "Heinrich Heine (Der Dichter) <[email protected]>"

Real name: Deim0s Anomaly
E-mail address: [email protected]
Comment: 
You selected this USER-ID:
    "Deim0s Anomaly <[email protected]>"

Change (N)ame, (C)omment, (E)-mail or (O)kay/(Q)uit? O
gpg: generating new key
gpg: 3 Admin PIN attempts remaining before card is permanently locked

Please enter the Admin PIN
gpg: please wait while key is being generated ...
gpg: generating key failed
gpg: key generation failed: general error
Key generation failed: general error

gpg/card> 

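What is going on? Can anyone help?

Answer 1

Strange, but I finally managed to get this setup working (Omnikey 6121 + OpenPGP v2 card). Here is how mere mortals can achieve the same:

  1. Disable 90gpg-agent-mine and 90ssh-agent-mine in /etc/X11/Xsession.d/ so that they do not try to start gpg-agent or ssh-agent
  2. Create a new gpg-agent-wrapper as described at https://blog.flameeyes.eu/2010/08/smart-cards-and-secret-agents

In (1), the reason for not starting gpg-agent from there is that it would not enable --enable-ssh-support, which is what I wanted.

When you issue gpg --card-status, you will now notice a small delay, and then: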

gpg: detected reader `OMNIKEY CardMan (076B:6622) 6121 00 00'
Application ID ...: ......

This means the card is now available for write operations too! Yay! My keytocard succeeded :)
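
A check for the agent state the answer's two steps aim at, as an added example that is not part of the original answer: it reads a process list and reports whether exactly one gpg-agent is running with ssh support and no separate ssh-agent. The function name audit_agents is hypothetical, the sample process lines are constructed, and the target state is inferred from the steps above.

```sh
#!/bin/sh
# Added example, not from the original answer. audit_agents is a hypothetical helper.
# stdin: "PID ARGS" lines, e.g. from: ps -u "$USER" -o pid=,args=
# $1 (optional): path to gpg-agent.conf, where enable-ssh-support may also be set.
# Exit 0 only if exactly one gpg-agent runs, with ssh support, and no ssh-agent.
audit_agents() {
    conf_ssh=0
    if [ -n "${1:-}" ] && [ -r "$1" ] &&
       grep -q '^[[:space:]]*enable-ssh-support' "$1"; then
        conf_ssh=1
    fi
    awk -v conf_ssh="$conf_ssh" '
    BEGIN { ssh_ok = conf_ssh + 0 }
    {
        # Field 2 is the executable; keep only its basename.
        n = split($2, parts, "/"); exe = parts[n]
        if (exe == "gpg-agent") {
            gpg++
            for (i = 3; i <= NF; i++)
                if ($i == "--enable-ssh-support") ssh_ok = 1
        } else if (exe == "ssh-agent") {
            ssh++
        }
    }
    END {
        bad = 0
        if (gpg != 1) {
            print "FAIL: expected exactly 1 gpg-agent, found " (gpg + 0); bad = 1
        }
        if (ssh > 0) {
            print "FAIL: " ssh " separate ssh-agent process(es) running"; bad = 1
        }
        if (gpg >= 1 && !ssh_ok) {
            print "FAIL: gpg-agent started without --enable-ssh-support"; bad = 1
        }
        if (bad) exit 1
        print "OK: single gpg-agent with ssh support, no separate ssh-agent"
    }'
}

# Constructed sample: a session where both agents were started separately.
printf '%s\n' '2101 /usr/bin/gpg-agent --daemon' '2144 /usr/bin/ssh-agent' |
    audit_agents || true
```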
