Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Using with gpg-agent #45

Closed
pelme opened this issue Aug 24, 2015 · 5 comments
Closed

Using with gpg-agent #45

pelme opened this issue Aug 24, 2015 · 5 comments

Comments

@pelme
Copy link

pelme commented Aug 24, 2015

I use my Yubikey NEO as GPG-key (mostly for SSH authentication) and with yubioath-desktop, however, when the key is in use by gpg-agent, Yubico Authenticator says "YubiKey already in use!".

Is there a way to get around this? It is kind of annoying to physically unplug/plug the Yubikey pretty much everytime I should use it.

(Sorry if this is not the appropriate forum for this kind of questions)
@dainnilsson
Copy link
Member

Try the "Kill scdaeon on show" option in the settings dialog. It attempts to kill the scdaemon process each time the window is shown (on launch, when restored from a minimized state, etc.) which should free up the device so that it can be detected by Yubico Authenticator. Killing scdaemon is pretty harmless as it will be launched again automatically when you attempt to use gpg.

@pelme
Copy link
Author

pelme commented Aug 25, 2015

Hmm, it does not seem to work. I can see that scdaemon is running in the background, but switching the window to Authenticator does not kill it.

If I kill it manually with pkill -9 scdaemon it works.

When scdaemon is killed, I have to re-renter my PIN for the GPG key.Is there no way to have Authenticator+gpg work together seamless? Is it limited by the yubikey hardware or could it potentially be fixed in the future?

@dainnilsson
Copy link
Member

Note that it isn't run if you just switch to the window, the window needs to be minimized and shown to trigger the command.

You are correct that you will need to re-enter your PIN upon switching back to GPG. This is how smartcards work. They can have multiple applets, but only one can be run at a time. Selecting a new applet will cause the old one to lose any transient state. It's not a limitation of the hardware, it's how the smartcard system is designed to work.

@pelme
Copy link
Author

pelme commented Aug 25, 2015

I see, it works when minimized. I'm on OS X and I usually use hide (cmd+H) to move a window out of the way and then cmd+tab to get it back to focus. Minimizing requires a mouse click in the dock (AFAIK) to get back to the window. (Also, the window management is buggy on OS X, will open a new issue with more details.)

Ok, thanks, then I understand the background on how smart cards works.

@dainnilsson
Copy link
Member

Great. Perhaps the command should be more easily triggered, like when the window is given focus. Feel free to add another issue for that! I'll close this one now.

@dainnilsson dainnilsson mentioned this issue Aug 28, 2015
Closed
marvinpinto added a commit to marvinpinto/laptop that referenced this issue Nov 18, 2017
@marvinpinto
Create a wrapper script to work around the yubioath-cli bug
2826949 
Ref: Yubico/yubioath-flutter#48 & Yubico/yubioath-flutter#45
dainnilsson added a commit that referenced this issue Nov 15, 2022
@dainnilsson
Merge PR #45.
ade7f7d
@ScoreUnder ScoreUnder mentioned this issue Nov 28, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pelme @dainnilsson