The symptom is basically T5409. The thing is, when I restart with the hardware key plugged in, and once logged in, rush to gpg --card-status, it can be read like normal. Not so if waiting a while before reading, or unplugging and re-plugging.
macOS 14.0 (23A339), GnuPG 2.4.3 installed through MacPorts. The key is a CanoKey (https://canokeys.org), but worked fine a year ago, and can still be read using its web console.
~/.gnupg/scdaemon.conf
pcsc-driver /System/Library/Frameworks/PCSC.framework/PCSC disable-ccid pcsc-shared log-file ~/.gnupg/scd.log debug-level guru debug-all debug-ccid-driver verbose verbose verbose
❯ gpgconf --kill all; killall scdaemon; killall dirmngr; killall gpg; killall gpg-agent; gpg --card-status --debug all
No matching processes belonging to you were found
No matching processes belonging to you were found
No matching processes belonging to you were found
No matching processes belonging to you were found
gpg: reading options from '~/.gnupg/gpg.conf'
gpg: reading options from '[cmdline]'
gpg: enabled debug flags: packet mpi crypto filter iobuf memory cache memstat trust hashing ipc clock lookup extprog
gpg: enabled compatibility flags:
gpg: DBG: [no clock] start
gpg: no running gpg-agent - starting '/opt/local/bin/gpg-agent'
gpg: waiting for the agent to come up ... (5s)
gpg: DBG: chan_3 <- OK Pleased to meet you, process 95749
gpg: connection to the agent established
gpg: DBG: chan_3 -> RESET
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> OPTION ttyname=/dev/ttys000
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> OPTION ttytype=xterm-256color
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> OPTION lc-ctype=en_US.UTF-8
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> OPTION lc-messages=en_US.UTF-8
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> GETINFO version
gpg: DBG: chan_3 <- D 2.4.3
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> OPTION allow-pinentry-notify
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> OPTION agent-awareness=2.1.0
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> SCD GETINFO version
gpg: DBG: chan_3 <- D 2.4.3
gpg: DBG: chan_3 <- OK
gpg: DBG: chan_3 -> SCD SERIALNO
gpg: DBG: chan_3 <- ERR 100696144 Operation not supported by device <SCD>
gpg: selecting card failed: Operation not supported by device
gpg: OpenPGP card not available: Operation not supported by device
gpg: DBG: [no clock] stop
gpg: keydb: handles=0 locks=0 parse=0 get=0
gpg: build=0 update=0 insert=0 delete=0
gpg: reset=0 found=0 not=0 cache=0 not=0
gpg: kid_not_found_cache: count=0 peak=0 flushes=0
gpg: sig_cache: total=0 cached=0 good=0 bad=0
gpg: objcache: keys=0/0/0 chains=0,0..0 buckets=0/0 attic=0
gpg: objcache: uids=0/0/0 chains=0,0..0 buckets=0/0
gpg: random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
outmix=0 getlvl1=0/0 getlvl2=0/0
gpg: rndjent stat: collector=0x0000000000000000 calls=0 bytes=0
gpg: secmem usage: 0/32768 bytes in 0 blocks
❯ gpg --version
gpg (GnuPG) 2.4.3
libgcrypt 1.10.2
Copyright (C) 2023 g10 Code GmbH
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
❯ /opt/local/libexec/scdaemon --version
scdaemon (GnuPG) 2.4.3
libgcrypt 1.10.2
libksba 1.6.4
Copyright (C) 2023 g10 Code GmbH
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.