Nitrokey & libpam-poldi

milgner · September 18, 2015, 9:45pm

Hi all,

I tried setting up user login using my Nitrokey. However I can’t get poldi to talk to it.
It works fine with GPG:

[marcus@nandus ~]$ gpg --card-status

Application ID ...: D27600012401020100050000332C0000
Version ..........: 2.1
Manufacturer .....: ZeitControl
...

But poldi-ctrl can’t communicate with it:

[marcus@nandus ~]$ poldi-ctrl -d
scdaemon[10260]: pcsc_list_readers failed: unknown PC/SC error code (0x8010002e)
scdaemon[10260]: pcsc_list_readers failed: unknown PC/SC error code (0x8010002e)
scdaemon[10260]: pcsc_list_readers failed: unknown PC/SC error code (0x8010002e)
poldi-ctrl: error: failed to retrieve smartcard data: Card error
scdaemon[10260]: scdaemon (GnuPG) 2.1.8 stopped

Is this a problem with poldi or the Nitrokey?

jan · September 20, 2015, 6:25pm

If “gpg --card-status” works the Nitrokey is fine and it’s most likely a software issue. I don’t know poldi but did you read these instructions? Also you may try to kill any gpg-agent before executing poldi.

milgner · September 21, 2015, 3:00pm

Yes, I read these instructions, it’s how I came across Poldi. Will try pam_p11 instead, now.

jan · October 6, 2015, 7:04pm

Any progress?

algorythm · May 6, 2016, 12:29am

I had the same problem on Arch Linux. The ‘kill gpg-agent’ hint above worked - once I stopped that process, poldi-ctrl worked as expected.