Can not read OpenPGP card as non-root
I have recently acquired an OpenPGP card and reader and can not properly read the card as a normal user. In the debug section of the udev instructions it says "If the card is found as 'sudo', then you need to tweak the udev rules so that your normal user also has access" but I do not know how to 'tweak the udev rules'.
Card is v2.0 g10code, BasicCard, ZeitControl
Reader v2.0 SCR3310 SCM Microsystems
I've followed udev directions here: http://
I've installed gnupg2 gnupg-agent pcscd libpcsclite1 gpgsm libccid opensc and perhaps a few other things in my attempt to read the card.
NO $ gpg --card-status
OK $ sudo gpg --card-status
OK $ opensc-tool -lv
OK $ pcsc_scan
$ gpg --card-status
gpg: selecting openpgp failed: unknown command
gpg: OpenPGP card not available: general error
$ sudo gpg --card-status
gpg: WARNING: unsafe ownership on configuration file `/home/
gpg: detected reader `SCM SCR 3310 [CCID Interface] 00 00'
Application ID ...: D27600012401020
Version ..........: 2.0
Manufacturer .....: ZeitControl
Serial number ....: 00000D1F
Name of cardholder: [not set]
Language prefs ...: de
Sex ..............: unspecified
URL of public key : [not set]
Login data .......: [not set]
Private DO 1 .....: [not set]
Private DO 2 .....: [not set]
Signature PIN ....: forced
Key attributes ...: 2048R 2048R 2048R
Max. PIN lengths .: 32 32 32
PIN retry counter : 3 0 3
Signature counter : 0
Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]
General key info..: [none]
$ opensc-tool -lv
Error: can't open /var/run/
Error: can't open /var/run/
...etc...
Error: can't open /var/run/
Error: can't open /var/run/
Readers known about:
Nr. Driver Name
0 openct OpenCT reader (detached)
1 openct OpenCT reader (detached)
2 pcsc SCM SCR 3310 [CCID Interface] 00 00
$ pcsc_scan
PC/SC device scanner
V 1.4.17 (c) 2001-2009, Ludovic Rousseau <email address hidden>
Compiled with PC/SC lite version: 1.5.5
Scanning present readers...
0: SCM SCR 3310 [CCID Interface] 00 00
Sat Oct 1 22:54:33 2011
Reader 0: SCM SCR 3310 [CCID Interface] 00 00
Card state: Card inserted,
ATR: 3B DA 18 ...etc... 90 00 0C
ATR: 3B DA 18 ...etc... 90 00 0C
+ TS = 3B --> Direct Convention
+ T0 = DA, Y(1): 1101, K: 10 (historical bytes)
TA(1) = 18 --> Fi=372, Di=12, 31 cycles/ETU
129032 bits/s at 4 MHz, fMax for Fi = 5 MHz => 161290 bits/s
TC(1) = FF --> Extra guard time: 255 (special value)
TD(1) = 81 --> Y(i+1) = 1000, Protocol T = 1
-----
TD(2) = B1 --> Y(i+1) = 1011, Protocol T = 1
-----
TA(3) = FE --> IFSC: 254
TB(3) = 75 --> Block Waiting Integer: 7 - Character Waiting Integer: 5
TD(3) = 1F --> Y(i+1) = 0001, Protocol T = 15 - Global interface bytes following
-----
TA(4) = 03 --> Clock stop: not supported - Class accepted by the card: (3G) A 5V B 3V
+ Historical bytes: 00 31 C5 ...etc... 00 90 00
Category indicator byte: 00 (compact TLV data object)
Tag: 3, len: 1 (card service data byte)
Card service data byte: C5
- Application selection: by full DF name
- Application selection: by partial DF name
- EF.DIR and EF.ATR access services: by GET DATA command
- Card without MF
Tag: 7, len: 3 (card capabilities)
Selection methods: C0
- DF selection by full DF name
- DF selection by partial DF name
Data coding byte: 01
- Behaviour of write functions: one-time write
- Value 'FF' for the first byte of BER-TLV tag fields: invalid
- Data unit in quartets: 2
Command chaining, length fields and logical channels: 40
- Extended Lc and Le fields
- Logical channel number assignment: No logical channel
- Maximum number of logical channels: 1
Mandatory status indicator (3 last bytes)
LCS (life card cycle): 00 (No information given)
SW: 9000 (Normal processing.)
+ TCK = 0C (correct checksum)
Possibly identified card (using /usr/share/
3B DA ...etc... 00 0C
GnuPG card V2
^C
$
Question information
- Language:
- English Edit question
- Status:
- Expired
- For:
- Ubuntu pcsc-lite Edit question
- Assignee:
- No assignee Edit question
- Last query:
- Last reply: