What is an easy fix for this error?
gpg: decryption failed: No secret key
Then i need to unplug the USB, and attach it, then it works all of a sudden. I don’t want to cause unnecessary damage to the USB connection they get glitchy so easy, after a while.
It’s in debian. restart the gpg agent or something like that?
To better assist you, please provide us with more information about the error you are facing. When did it happen? Did it work before? Is this a new Linux system where you are using your Nitrokey? What kind of error message are you receiving? Can you state steps to reproduce the issue?
The more details you can provide, the easier it will be for us to help you. Thank you.
What is the output of gpg --list-secret-keys? Maybe some tool occupies the token.
Hey! Thanks. Yeah it lists like 7 keys or something like that. And i have two card serial numbers. What are you looking for specifically?
It’s debian 12, and the key works if i remove it and attach it, then when it’s been in the laptop a while and i want some new password from pass, or something like that, i get that error, and it cant read the info, so i need to unplug it and plug it on, and i do that maybe 5 times a day, so i don’t know how long it will last.
So i want some command that just makes it work without that. I might need to delete some cache or something maybe… I don’t know what tool would occupy it.
By the way i also get this error message about inserting the other key and i got some old answer about deleting some cache file, i need to look up that post again…
It works if i log in and out of debian. I just thought there might have been some easier command without login out… If i need some program running. But it solves the issue with having to do damage to the usb every time.
dmesg is your friend here. Especially the USB related entries. Could it be that the port has some powersaving? Could you post some logs please?
It is annoying but the USB A and USB c connectors are meant to be used excessively:
Standard USB has a minimum rated lifetime of 1,500 cycles of insertion and removal,[4] the Mini-USB receptacle increased this to 5,000 cycles,[4] and the newer Micro-USB[4] and USB-C receptacles are both designed for a minimum rated lifetime of 10,000 cycles of insertion and removal.[5] To accomplish this, a locking device was added and the leaf-spring was moved from the jack to the plug, so that the most-stressed part is on the cable side of the connection. This change was made so that the connector on the less expensive cable would bear the most wear.[4]
You could also use a short USB extension cable.
Thanks, but it’s not a power save issue. it’s the software that needs to be rebooted, so i don’t psychically remove and plug it in again. I need to reboot the stuff that loads up in nitrokey or pass, etc… Any ideas what processes do that?
If you log out and log in and it works, maybe your systemd or whatever init system you use restarts pcscd daemon? Or maybe it conflicts with GPG?
First thing, try to find out if something like pcscd is running (it might start automatically once you plug in something or try to connect).
Any other ideas? I cant be the only one with this issue… There are some prompt command that restart stuff without me having to log out and loose progress…
So you can’t check if you have pcscd running?
How do i do that? Pgrep? I tried pgrep and it was running now, but as usual i plugged in and out the usb, it’s starting to get glitchy almost from wear and tear so a solution would be cool. Thanks
edit: I can try and see if it’s running next time i get the usual error or not responding key
I did try: pgrep pcscd, and yes i have the process… Right now im trying to figure out how to get the key without removing the usb… and plugging it in… what can i restart as services?
restart pgagent or what its called?
I get the this:
Should i restart the pgagent or other services? What services restart of i remove and plug in the usb key? How can i restart those manually? So i don’t have to unplug it every time day in and out, it will not work for a long time. The nitrokey team should know this…
I’m using debian 12. thanks
Does anyone know what the solution to this is?
Restart what service in the terminal? that emulates removing and attaching the usb key.
Same concept… just no damage to the hardware
Anyone???
Seriously this is not cool, and a serious design flaw. Debian 12. I have to remove the key and put it back in so it refreshes the red light, and wait a bit then i can type in the info. Every time i openup a terminal window. So i do that maybe ten times a day! The wear and tear will build up quick and it’s allot of work to do the process with the keys over and over. I don’t have the time or energy. What’s the software solution to this apart from login in and out of debian?.
Same design flaw is that the keys get scrambled and wrong if i just leave they key in a while in the nitrokey-app, so i also got to remove and put the let back in there also to even get the right updated keys and wait for the nitrokey-app to load. These are serious, and un-necessary design and code flaws to even keep the hardware intact and in a good state, and like “flow”. Some quick update function is needed that scans the info and keeps the system in check and updated.
Have you looked up the post how to delete the gpg cache files, you referred to earlier in the thread?
Your debian uses systemd. If a user logout/in work arounds, you should be looking at the user services systemctl status --user first to identify the services/apps you use but don’t know how to debug. Also, open a terminal and use journalctl --follow --user, whcih might show you an error once it happens, to investigate further.
I don’t use your distribution so I can’t tell what is different in Debian.
To start troubleshooting this, please follow my advice in German as follows:
gpgconf --kill all$HOME/.gnupg/gpg-agent.conf and add the following two lines:log-file /tmp/agent.log
debug 0xffff
$HOME/.gnupg/scdaemon.conf and add the following lines:log-file /tmp/scdaemon.log
debug 0xffff
Caution /tmp/agent.log and /tmp/scdaemon.log files will contain confidential information, like your PINs, whatever things you might be trying to sign etc. etc. Be careful when publishing them and be ready to change your PIN afterwards.