On Freitag, 7. November 2025 11:43:58 Mitteleuropäische Normalzeit Franck Routier (Personnel) via Gnupg-users wrote: > I'm trying to use my Yubikey with libpam-poldi to sudo on a Ubuntu based > OS (Tuxedo OS). [...] > My .gnupg/scdaemon.conf file looks like this: > disable-ccid > > My /etc/pam.d/sudo and /etc/pam.d/sudo-i have auth sufficient pam_poldi.so > > And finally .gnupg/gpg-agent.conf looks like: > pinentry-program /usr/bin/pinentry-qt > debug-lvel 3
Typo? In any case, avoid the weird debug-level setting. Use "debug ipc" instead. Also set log-file so that the logs don't end up in some random place (or nowhere). > enable-ssh-support > ttyname $GPG_TTY > default-cache-ttl 60 > max-cache-ttl 120 > > > Nos, when I try to sudo, I am asked to insert my card, and asked for a > password, but never for a PIN: > > $sudo su > Insert authentication card for user `franck' > Trying authentication as user `franck'... > [sudo] password for franck: Very likely gpg-agent fails to start pinentry-qt or pinentry-qt fails to start because there's no window manager running. Try using pinentry-curses or pinentry-tty instead of pinentry-qt if you are anyway using the terminal. Regards, Ingo
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list [email protected] https://lists.gnupg.org/mailman/listinfo/gnupg-users
