To install the pcsclite package
you can use the well known ./configure make make install
assuming you have the developer meta package installed.
For my system (Mageia Linux)
the installation of the ccid package was much harder.
First of all you have to tell configure the path to the libpcsclite.pc file.
Second you need the libusb package installed (of course) and the devoleper files for libusb.
Then you need to tell configure also this path.
So this command made the configuration running. ./configure PKG_CONFIG_PATH=/usr/local/lib/pkgconfig --enable-libusb=/usr/lib64
Thereafter I can do make and make install.
After that you have to start the pcscd deamon.
That should do the trick.
Unfortunately my system still did not recognize the key as
a GPG Smart Card.
Hm I want to understand what’s going wrong here.
Things I did not understand:
What does the gpg card agent need to accept the nk3 as a smartcard
Do I need to start the pcsc daemon
I installed the ccid package 1.5 and the latest pcsc-lite package (compiling and building them). Can it be that gpg did not consider those packages since they are not installed by rpm/dnf?
If all those will not get me any further I maybe switch my Linux distro.
But this should be not the purpose of this.
Thanks TL
This is the default on most systems - there should be no need to run pcscd and no PC/SC lite is required.
You can also use gnupg + scdaemon + pcscd + ccid
For that, you can add disable-ccid to ${HOME}/.gnupg/scdaemon.conf and this way all smartcard communication is going via PC/SC Lite and the pcscd daemon. Looks like gnupg2 does not need to be compiled with pcsclite support directly to support this, it is a runtime option.
Hello @saper
Thanks for your answer.
Hmm On my system there is no scdaemon and dnf did not know this.
Mageia will soon become version 9 and I will decide to stay with it or
give Fedora again a try. I used it for a while but have trouble with my
Nvidia grafic card and native drivers. That was the reason to switch to Mageia.
I still did not really get a clue what I’ve todo.
Thanks anyway!
Since I gave up trying to use nk3 on Mageia8 I accidentely tried to
start the gpg --card-edit as root and this worked.
So I wonder why. After I read an other thread here I check the
status of the pcscd.
When I am loggin in as root then this is enabled and active.
When not this is not active. So this is maybe the reason why I can’t use the nk3 as non root user.
So I must activate the deamon on startup for my user account right?
Not really. Since 2.0.0 polkit integration is enabled by default and there is a new option to disable it. Previously, it had to be enabled by the person building the software. Some packagers decided to enable it (as Enterprise Linux derivatives do).
polkit is a tool (separate package with its own programs and configuration) that allows other programs to determine if the particular action of particular user in particular context should be allowed or not. Something that goes way beyond simple file or directory permissions.
pcscd with polkit integration enabled means:
pcscd thinks: whenever a program running as particular user needs access to the smart card, I have to talk to the polkit and let it determine if the access should be allowed.
By default, polkit will not enable users other than root to access the smartcard.
I can’t give you details how to do this on your system because I would need to dig into the details of your system too much. For example, I don’t know what are the directories where polkit files needs to be stored.
If you know how to rebuild your pcscd (using source RPM or from plain source) to disable polkit integration, it may help.
It might be easier, however, to create a polkit configuration file that allows your user access to the PC/SC integration.
