FS#58176 : pacman-key fails local-signing keys with yubikey connected

FS#58176 - pacman-key fails local-signing keys with yubikey connected

Attached to Project: Pacman
Opened by Henry Kupty (ingvij) - Monday, 09 April 2018, 06:56 GMT
Last edited by Eli Schwartz (eschwartz) - Monday, 09 April 2018, 06:58 GMT

Task Type	Bug Report
Category	General
Status	Closed
Assigned To	No-one
Architecture	All
Severity	Low
Priority	Normal
Reported Version	5.0.1
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Summary and Info:
I started using a yubikey as a 2fa for sudo and other desktop usages and suddenly `pacman-key --populate` stopped being able to locally sign keys.
I've recreated the environment several times (`rm -rf /etc/pacman.d/gnupg/; pacman-key --init; pacman-key --populate'`) but it always failed.
I just realized today that the yubikey was always present when this happened so I tried recreating the environment without it connected and it worked perfectly.

Note that I have a gpg key in my yubikey. Also, I'm not sure how it stopped working - possibly during an `archlinux-keyring` update.

Steps to Reproduce:
- `rm -rf /etc/pacman.d/gnupg/`
- attach yubikey
- `pacman-key --init`
- `pacman-key --populate`

This task depends upon

Closed by Eli Schwartz (eschwartz)
Monday, 09 April 2018, 06:58 GMT
Reason for closing: Fixed

Comment by Eli Schwartz (eschwartz) - Monday, 09 April 2018, 06:57 GMT

Already fixed in git: https://git.archlinux.org/pacman.git/commit/?id=0565cebfc387be67e0daac73a4d0a312965ca1d3

As a local workaround, manually set disable-scdaemon in the gpg-agent.conf in your pacman-key's GNUPGHOME; eventually pacman-key --init will do this for you.

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#58176 - pacman-key fails local-signing keys with yubikey connected

Details

Loading...