I use GPG2 to generate onboard keys, but this fails after some time : Bad PIN error :
gpg/card> generate
Make off-card backup of encryption key? (Y/n) n
gpg: NOTE: keys are already stored on the card!
Replace existing keys? (y/N) y
What keysize do you want for the Signature key? (2048)
What keysize do you want for the Encryption key? (2048)
What keysize do you want for the Authentication key? (2048)
Please specify how long the key should be valid.
0 = key does not expire
= key expires in n days
w = key expires in n weeks
m = key expires in n months
y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y
GnuPG needs to construct a user ID to identify your key.
Real name: XYZCorp
Email address: xxx@yyyyyy.zz
Comment:
You selected this USER-ID:
“XYZCorp xxx@yyyyyy.zz”
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
At this point the software seems idle, with opensc process taking about 2% CPU during ~30 seconds, and the following errors are printed :
gpg: signing failed: Bad PIN
gpg: make_keysig_packet failed: Bad PIN
Key generation failed: Bad PIN