Yubico Forum
https://forum.yubico.com/

[Q] GPG Smartcard + Static password for partial pin problem
https://forum.yubico.com/viewtopic.php?f=26&t=1546
Page 1 of 1

Author:  jgrowl [ Fri Oct 24, 2014 5:39 pm ]
Post subject:  [Q] GPG Smartcard + Static password for partial pin problem

I want to use the Yubikey Neo as a GPG smartcard and use the static password functionality as part of the the pin for the smartcard.

I have the GPG smart card working as well as a static password setup. There seems to be an issue however trying to use both at the same time.
When I go to decrypt a document, the Pinentry Mac password field pops up. I then enter in a partial memorized password and then hold down the button on the yubikey to output the static password in Slot 2. The decryption will always fail.

The strange thing is that it works if I do the following:
1.) Prevent the Yubikey from automatically doing a carriage return
2.) Type in my partial password and then hold down the yubikey for slot2
3.) Check the 'Show Typing' option on the Pinentry popup
4.) Copy the entire password to the clipboard
5.) Cancel out of the Pinentry popup
6.) Attempt to decrypt, making the popup show again
7.) Paste the contents of the clipboard

So my question is: Does using a static password 'break' the GPG smart card feature when used together?

Author:  Tom [ Mon Oct 27, 2014 3:52 pm ]
Post subject:  Re: [Q] GPG Smartcard + Static password for partial pin prob

If you touch the Yubikey the smartcard is ejected thus the gpg-agent my complain in unexpected ways.

The smartcard is then auto-reinserted when the otp/pass is emitted.

I suspect this is the root of your issue.

Tom

Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/