Debian Bug report logs - #802586
gnupg2: Fails to sign using smartcard after upgrade

version graph

Package: gnupg2; Maintainer for gnupg2 is Debian GnuPG Maintainers <pkg-gnupg-maint@lists.alioth.debian.org>; Source for gnupg2 is src:gnupg2 (PTS, buildd, popcon).

Reported by: Mark Brown <broonie@debian.org>

Date: Wed, 21 Oct 2015 12:21:01 UTC

Severity: normal

Found in versions gnupg2/2.1.9-1, gnupg2/2.1.11-7

Reply or subscribe to this bug.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Debian GnuPG Maintainers <pkg-gnupg-maint@lists.alioth.debian.org>:
Bug#802586; Package gnupg2. (Wed, 21 Oct 2015 12:21:05 GMT) (full text, mbox, link).


Acknowledgement sent to Mark Brown <broonie@debian.org>:
New Bug report received and forwarded. Copy sent to Debian GnuPG Maintainers <pkg-gnupg-maint@lists.alioth.debian.org>.

Your message specified a Severity: in the pseudo-header, but the severity value import was not recognised. The default severity normal is being used instead. The recognised values are: critical, grave, serious, important, normal, minor, wishlist, fixed.

(Wed, 21 Oct 2015 12:21:05 GMT) (full text, mbox, link).


Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Mark Brown <broonie@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: gnupg2: Fails to sign using smartcard after upgrade
Date: Wed, 21 Oct 2015 13:15:59 +0100
Package: gnupg2
Version: 2.1.9-1
Severity: import

After upgrading to GnuPG 2.1 attempts to sign anything using my
smartcard resulted in:

| gpg: signing failed: No secret key

which is obviously undesirable.  I'm using gnupg-agent with a smartcard,
the agent appears to be able to interact with the card since I am able
to use it to authenticate with remote SSH systems (something that was
previously broken).

I was able to list secret keys so it appears that my secret keyring is
intact (and I tested by regenerating from scratch using --card-status
which seemed to DTRT):

| $ /home/broonie/.gnupg/pubring.gpg
| --------------------------------
| sec#  rsa4096/30F5D8EB 2011-10-21
| uid         [ultimate] Mark Brown <broonie@sirena.org.uk>
| uid         [ultimate] Mark Brown <broonie@debian.org>
| uid         [ultimate] Mark Brown <broonie@kernel.org>
| uid         [ultimate] Mark Brown <broonie@tardis.ed.ac.uk>
| uid         [ultimate] Mark Brown <broonie@linaro.org>
| uid         [ultimate] Mark Brown <Mark.Brown@linaro.org>
| ssb#  rsa4096/7B78DB59 2011-10-21
| ssb#  rsa4096/7EA229BD 2012-09-15 [expires: 2016-08-26]
| ssb>  rsa2048/6D1F3CC5 2014-08-31 [expires: 2016-08-30]
| ssb#  rsa2048/5D5487D0 2014-08-31 [expires: 2016-08-30]
| ssb#  rsa2048/4F7C301E 2014-08-31 [expires: 2016-08-30]

and the --card-status and --card-edit interfaces appear functional.  I
was eventually able to resolve this by deleting the contents of the
private-keys-v1.d directory and using --card-status to recreate the stub
key for the smartcard, it looks like the upgrade didn't successfully
import that from my old secret ring.

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.2.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gnupg2 depends on:
ii  dpkg           1.18.3
ii  gnupg-agent    2.1.9-1
ii  install-info   6.0.0.dfsg.1-3
ii  libassuan0     2.3.0-1
ii  libbz2-1.0     1.0.6-8
ii  libc6          2.19-22
ii  libgcrypt20    1.6.4-3
ii  libgpg-error0  1.20-1
ii  libksba8       1.3.3-1
ii  libreadline6   6.3-8+b3
ii  zlib1g         1:1.2.8.dfsg-2+b1

Versions of packages gnupg2 recommends:
ii  dirmngr  2.1.9-1

Versions of packages gnupg2 suggests:
pn  gnupg-doc   <none>
pn  parcimonie  <none>
pn  xloadimage  <none>

-- no debconf information



Information forwarded to debian-bugs-dist@lists.debian.org, Debian GnuPG Maintainers <pkg-gnupg-maint@lists.alioth.debian.org>:
Bug#802586; Package gnupg2. (Sat, 11 Jun 2016 10:51:04 GMT) (full text, mbox, link).


Acknowledgement sent to Tim Small <tim@seoss.co.uk>:
Extra info received and forwarded to list. Copy sent to Debian GnuPG Maintainers <pkg-gnupg-maint@lists.alioth.debian.org>. (Sat, 11 Jun 2016 10:51:04 GMT) (full text, mbox, link).


Message #10 received at 802586@bugs.debian.org (full text, mbox, reply):

From: Tim Small <tim@seoss.co.uk>
To: Debian Bug Tracking System <802586@bugs.debian.org>
Subject: Re: gnupg2: Fails to sign using smartcard after upgrade
Date: Sat, 11 Jun 2016 11:17:26 +0100
Package: gnupg-agent
Version: 2.1.11-7
Followup-For: Bug #802586

Identical behaviour with recent upgrade from Jessie to testing using an
OpenPGP compatible card with 4096 bit keys, including ssh-auth working
fine...

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.5.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gnupg-agent depends on:
ii  libassuan0                  2.4.2-3
ii  libc6                       2.22-9
ii  libgcrypt20                 1.7.0-2
ii  libgpg-error0               1.22-2
ii  libnpth0                    1.2-3
ii  libreadline6                6.3-8+b4
ii  pinentry-gnome3 [pinentry]  0.9.7-5
ii  pinentry-gtk2 [pinentry]    0.9.7-5
ii  pinentry-qt [pinentry]      0.9.7-5

Versions of packages gnupg-agent recommends:
ii  gnupg   1.4.20-6
ii  gnupg2  2.1.11-7
ii  gpgsm   2.1.11-7

gnupg-agent suggests no packages.

-- debconf-show failed



Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sun Jan 14 06:40:40 2024; Machine Name: buxtehude

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.