Page MenuHome GnuPG

scdaemon option 'card-timeout' does not have any effect
Open, NormalPublic


As recently mentioned here by me and by a Debian user here the scdaemon option "card-timeout" seems to do nothing. At least for openpgp smartcards.

Please check if this behavior can be fixed. Maybe the finding of the debian user helps (second link).

This option could be important for this feature request as well:

Thanks alot


gnupg-2.2.0-1 (ArchLinux)

Event Timeline

gniibe triaged this task as Normal priority.
gniibe added a subscriber: gniibe.

Let me explain the situation.

In scdaemon manual, it explained as scdaemon will be powering down the smartcard by the value specified.
But, it never has been implemented as described.

In 2.0, it was a variable to control scdaemon to allow DISCONNECT command.
In 2.1, scdaemon has been improved to allow DISCONNECT command always.

Thus, it is true, this variable has no effect in 2.1.

I meant, 'card-timeout' was not intended for controlling caching PIN on card. It was for "DISCONNECT" command support.
I'm going to remove questionable documentation.

werner added a subscriber: werner.

I see a regression with your fix. This option is even controllable with gpgconf at the basic level. It would be better to make it a dummy option.

I see the regression of gpgconf. I wonder if it's better to fix gpgconf side, too.

It has been a dummy option for years (since GnuPG 2.1). For the record, I write more detail here.

It never worked as these bug reporter expected (directly control access from scdaemon to card by time out), it only changed the behavior of DISCONNECT command. A user required to issue DISCONNECT command anyway and the option could change how DISCONNECT was done. <-- This is 2.0.

Since 2.1, DISCONNECT command works well always, regardless of this option.