| Yubico Forum https://forum.yubico.com/ |
|
| macOS 10.12.3 update breaks GnuPG compatability? https://forum.yubico.com/viewtopic.php?f=35&t=2564 |
Page 1 of 1 |
| Author: | jwiegley [ Thu Feb 09, 2017 6:38 pm ] |
| Post subject: | macOS 10.12.3 update breaks GnuPG compatability? |
Hello, I use my Yubikey 4 with GnuPG. With 10.12.2 it works perfectly. However, 10.12.3 makes the card invisible to GnuPG. That is, gpg2 --card-status reports that no card is available, even though system profiler reports that the card is present, OTP works, etc. I'm not even sure what it is that was broken by this update, but I thought I'd let people here know. Thanks, John |
|
| Author: | castillar [ Mon Feb 13, 2017 8:10 pm ] |
| Post subject: | Re: macOS 10.12.3 update breaks GnuPG compatability? |
I've had a similar issue suddenly that I think I may have resolved! A couple questions for you:
With my installation, I discovered that if I manually ran /usr/local/Cellar/gnupg21/2.1.18/libexec/scdaemon, I suddenly had an scdaemon process, and GnuPG began behaving itself. That may or may not be related to your problem, but it at least might generate some useful debugging information to help suss out where the issue is. |
|
| Author: | jwiegley [ Mon Feb 13, 2017 9:28 pm ] |
| Post subject: | Re: macOS 10.12.3 update breaks GnuPG compatability? |
I'm using these versions: scdaemon (GnuPG) 2.1.18 libgcrypt 1.7.6 libksba 1.3.5 I do have `scdaemon --multi-server` running. Starting or stopping it, running it manually, does not change the situation. I have no scdaemon.conf file. John |
|
| Author: | castillar [ Tue Feb 14, 2017 6:29 am ] |
| Post subject: | Re: macOS 10.12.3 update breaks GnuPG compatability? |
Rats. Well, it was worth a shot. I'm using the same version of GnuPG (2.1.18, from homebrew). FWIW, here's my scdaemon.conf file, but if stopping/starting isn't generating anything, I doubt that's it. Code: pcsc-driver /System/Library/Frameworks/PCSC.framework/PCSC card-timeout 1 disable-ccid log-file <homedir>/scdaemon.log.txt verbose debug-level guru (<homedir> is the path to my home directory) |
|
| Author: | jwiegley [ Tue Feb 14, 2017 6:37 am ] |
| Post subject: | Re: macOS 10.12.3 update breaks GnuPG compatability? |
Add your scdaemon.conf contents fixed it for me! I think it was the PCSC reference that I needed. |
|
| Author: | trouble [ Tue Feb 14, 2017 12:55 pm ] |
| Post subject: | Re: macOS 10.12.3 update breaks GnuPG compatability? |
I don't think macOS 10.12.3 is the problem. I was running GnuPG 2.1.6 without problems on macOS 10.12.3. The upgrade to GnuPG 2.1.8 broke things for me. As mentioned in another thread, compiling GnuPG 2.1.8 --without-libusb fixed the problem for me. I think the ``disable-ccid`` in castillar's configuration file might be what fixes it for you two, since that stops scdaemon from using libusb (as far as I can tell). Just tried this: installed the binary gnupg21 from homebrew (with libusb support). Without ``disable-ccid``in my scdaemon.conf: no worky. Adding ``disable-ccid`` to my scdaemon.conf: works. The presence of ``pcsc-driver /System/Library/Frameworks/PCSC.framework/PCSC`` doesn't make any difference. |
|
| Author: | castillar [ Wed Feb 15, 2017 7:38 pm ] |
| Post subject: | Re: macOS 10.12.3 update breaks GnuPG compatability? |
Awesome, and glad to hear there's both a good workaround and a potential source to look at to solve it. I'll try configuring Homebrew to compile out libusb and see if that permanently implements the fix. |
|
| Page 1 of 1 | All times are UTC + 1 hour |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|