Page MenuHome GnuPG

any v2 smartcard usage gives Unknown IPC command error
Closed, ResolvedPublic


I can not seem to find a reply button, so I open my own bug.
Might be related to "Omnikey based readers are broken for keys >= ~ 2048 bit"
( but my Gemalto PC USB-SL reader is not
working either.

~/ /usr/bin/gpg2 --card-edit
gpg: OpenPGP card not available: Unknown IPC command
Command> admin
Admin commands are allowed
Command> generate
gpg: key operation not possible: Unknown IPC command
Command> quit

~/ aptitude show gnupg2
Package: gnupg2
New: yes
State: installed
Automatically installed: no
Version: 2.0.12-0ubuntu1

Also tried gpg, which works, but gives me an general error after key generation
(which is obvious since it lacks the V2 patches)

~/ gpg --card-edit

gpg: detected reader `OmniKey CardMan 3621 00 00'
Application ID ...: D2760001240102000005000001160000
Version ..........: 2.0
Manufacturer .....: unknown
Serial number ....: 00000116
Name of cardholder: [not set]
Language prefs ...: de
Sex ..............: unspecified
URL of public key : [not set]
Login data .......: [not set]
Private DO 1 .....: [not set]
Private DO 2 .....: [not set]
Signature PIN ....: forced
Max. PIN lengths .: 32 32 32
PIN retry counter : 3 0 3
Signature counter : 0
Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]
General key info..: [none]


gpg: generating new key
gpg: please wait while key is being generated ...
gpg: generating key failed
gpg: key generation failed: general error
Key generation failed: general error

I also tried lastast SVN, but with pcscd.
Can u tell me how to use the internal ccid driver?

Event Timeline

werner claimed this task.
werner added a project: Not A Bug.

You are using an gpg-agent too old for the used gpg version.
In case you are intrested in what is causing the problems, add the line

debug 1024
log-file somefile

to the ~/.gnupg/gpg-agent.conf and restart the agent. You should see all the
commands traveling between gpg and gpg-agent. It wmight also be on the scdaemon
part; then put the same option into scdaemon.conf.