使用 Debian Jessie 和 GnuPG 2,每次我尝试使用 GnuPG 2 ( gpg2
) 或gpg-connect-agent
与 OpenPGP 智能卡(在我的例子中是 YubiKey)一起使用时,操作都会失败并显示一条消息
$ gpg-connect-agent --hex "scd apdu 00 f1 00 00" /bye
ERR 67108983 No SmartCard daemon <GPG Agent>
$ gpg2 --card-status
ERR 67108983 No SmartCard daemon <GPG Agent>
当使用旧版 GnuPG 1 ( gpg
) 时,一切正常。
这里出了什么问题?
答案1
scdaemon
不见了
GnuPG 2 通过 连接到卡gpg-agent
,这同样不包括智能卡功能,而是通过另一个应用程序访问它们。这可以配置并具有与系统相关的默认值,来自man gpg-agent
:
--scdaemon-program filename
Use program filename as the Smartcard daemon. The default is
installation dependent and can be shown with the gpgconf command.
这样做表明 GnuPG 尝试运行/usr/lib/gnupg2/scdaemon
:
$ gpgconf
gpg:GPG für OpenPGP:/usr/bin/gpg2
gpg-agent:GPG Agent:/usr/bin/gpg-agent
scdaemon:Smartcard Daemon:/usr/lib/gnupg2/scdaemon
[snip]
但这不可用:
$ /usr/lib/gnupg2/scdaemon
bash: /usr/lib/gnupg2/scdaemon2: No such file or directory
安装中scdaemon
快速查询apt-cache
显示 Debian从软件包scdaemon
中删除了该gnupg2
软件包,可能是因为它引入了一堆新的依赖项,否则 GnuPG 不会有:
Package: scdaemon
Source: gnupg2
Version: 2.1.10-3
Installed-Size: 538
Maintainer: Debian GnuPG Maintainers <[email protected]>
Architecture: amd64
Replaces: gpgsm (<< 2.0.18-2)
Depends: gnupg-agent (= 2.1.10-3), libassuan0 (>= 2.2.0), libc6 (>= 2.15),
libgcrypt20 (>= 1.6.1), libgpg-error0 (>= 1.14), libksba8 (>= 1.2.0),
libnpth0 (>= 0.90), libusb-0.1-4 (>= 2:0.1.12)
Breaks: gpgsm (<< 2.0.18-2)
Description-en: GNU privacy guard - smart card support
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC4880.
.
This package contains the smart card program scdaemon, which is used
by gnupg-agent to access OpenPGP smart cards.
安装它可以sudo apt-get install scdaemon
解决该问题。