Re: Possible bug when using smartcards and gpg-agent2.0 as the ssh-agent

2015-08-12 Thread Peter Lebbing 
On 12/08/15 20:55, Víctor Cuadrado Juan wrote:
> This seems like a bug.

The serial number is part of the application ID, it's not a bug. The one is
more verbose than the other. The AID ends in four zeroes, but the part before
that is the serial number and manufacturer ID.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Possible bug when using smartcards and gpg-agent2.0 as the ssh-agent

2015-08-12 Thread Víctor Cuadrado Juan 
Hello,

I'm using gpg-agent 2.0.28 (Debian Stretch) as the ssh agent, with
"enable-ssh-suport".
I have disabled the Gnome Keyring, and I'm only using gpg-agent. I have
a properly configured Yubikey Neo with an auth subkey, and the Yubikey
is correctly configured and in use. I have a clean ~/.gnupg/sshcontrol
file, and no ~/.ssh directory at all.

At first instance everything works fine, 'ssh-add -l' and 'ssh-add -L'
show my key when I have my Yubikey connected: (I'm redacting the key and
the card number)

$ ssh-add -l
2048 **:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**
cardno:00060*** (RSA)

Yet when I try to use it to connect to the server by ssh I get a GUI
popup that says:

"take out the current card and insert the one with the serial number:
D*060***"
(In my case, in spanish, "Retire tarjeta actual e inserte la que
tiene número de serie: ")

The serial number on ssh-add -L is the same "card-no" that appears next
to the auth subkey in gpg --card-status, which is 12 chars long.

The gpg-agent pop-up serial numbers seems to correspond to the
"Application ID" displayed in gpg --card-status, which is 32 chars long.

This seems like a bug. Am I missing something? Should I post this on
gnupg-devel?

Thanks in advance,

-- 
Víctor

--
E-Mail: , OpenPGP-Key-ID: 0xA2591E231E251F36
Key fingerprint: E3C5 114C 0C5B 4C49 BA03  0991 A259 1E23 1E25 1F36
My signed E-Mails are trustworthy.






signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users