Hi!
There are still a couple of options left. The issue reminds me of the Windows problem in OpenSC, where the key generation was timed out after 60 seconds. But not signing… While at the topic, your OpenSC is v0.16, while the latest one is v0.19. Maybe this one is not handling the OpenPGP v3.3? But that would not explain issues on Fedora 29.
The second card you have inserted is OpenPGP v2.0, which is longer in the market.
- What is your GnuPG version?
- Please paste versions of the OpenSC and GnuPG installed on your Fedora 29.
- Could you update the OpenSC?
- Could you measure the time, after which generation operation fails? (e.g. with
timecommand). Please do the same with signing. - Let’s gather some logs. Could you add to your
~/.gnupg/scdaemon.conffile (if not existing, please create) following lines:
debug-all
debug-ccid-driver
log-file /home/sz/.gnupg/scdaemon-pro-4096.log
Please change the path in log-file parameter to your choosing and restart the scdaemon:
sudo killall scdaemon
Then please reproduce the issue one more time and attach the log here (via any pastebin service). Please make sure you are not using any secrets, or any other smartcards, as whole host<->smartcard communication will be logged.
After that please disable the logging with removing or commenting the mentioned earlier lines in scdaemon.conf, and killing the scdaemon. It should load on next use without the logging feature. Please check then, will the log be updated to make sure logging is stopped.
I have Fedora 29 - will try to reproduce it tomorrow with my Pro 1 (edit: actually it is NK Pro v1 with OpenPGP v3.3). @nitroalex - could you do the same with Nitrokey Pro 2 on CentOS?