Hi everybody,

I'm having the same problem and found the following steps to reproduce:

0. Configure your Yubikey NEO to eject the card on button press:
   ykneomgr -M81
   Re-plug it afterwards!
1. Insert the Yubikey and press button to insert the (virtual) card
2. Use the authentication key stored on the card to log in to a SSH host
3. Press button to remove the (virtual) card
   (or wait if you have a timeout for auto-eject configured)
4. Press button to insert the (virtual) card again
5. Do anything that requires the card (e.g. gpg -d)
   gpg: public key decryption failed: Conflicting use

Instead of having the SSH session still open, it suffices to have a
persistent connection (ControlPersist ssh config option). Apparently,
even an authenticated SSH session somehow still uses the agent (even
without agent forwarding configured), and if the card was removed and
re-inserted, this somehow blocks its usage.

So instead of restarting the gpg-agent, you can also kill all open ssh
sessions.

Best regards,
Jan-Philipp Litza

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to