Bug ID 1202201
Summary gpg2 2.3.7-1.1 doesn't properly detect Yubikey OpenPGP keys
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware Other
OS openSUSE Tumbleweed
Status NEW
Severity Normal
Priority P5 - None
Component Other
Assignee screening-team-bugs@suse.de
Reporter db@mail25.net
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

After updating gpg2 from 2.3.6-2.2 to 2.3.7-1.1 Yubikey OpenPGP keys aren't
properly detected anymore. I use it for SSH and this happens on 3 similar
machines running Tumbleweed with the latest snapshot (20220805) and with 2
identical Yubikeys.

The only configuration that I set is:
>> # cat ~/.gnupg/gpg-agent.conf 
>> enable-ssh-support
>> default-cache-ttl 600
>> max-cache-ttl 7200


---gpg2-2.3.7-1.1---

--after plugging in the Yubikey--

>> # sudo journalctl -f
>> rugp. 07 21:53:33 pc kernel: usb 1-4: new full-speed USB device number 4 using xhci_hcd
>> rugp. 07 21:53:33 pc kernel: usb 1-4: New USB device found, idVendor=1050, idProduct=0407, bcdDevice= 5.43
>> rugp. 07 21:53:33 pc kernel: usb 1-4: New USB device strings: Mfr=1, Product=2, SerialNumber=0
>> rugp. 07 21:53:33 pc kernel: usb 1-4: Product: YubiKey OTP+FIDO+CCID
>> rugp. 07 21:53:33 pc kernel: usb 1-4: Manufacturer: Yubico
>> rugp. 07 21:53:33 pc kernel: input: Yubico YubiKey OTP+FIDO+CCID as /devices/pci0000:00/0000:00:01.3/0000:03:00.0/usb1/1-4/1-4:1.0/0003:1050:0407.0009/input/input28
>> rugp. 07 21:53:33 pc kernel: hid-generic 0003:1050:0407.0009: input,hidraw3: USB HID v1.10 Keyboard [Yubico YubiKey OTP+FIDO+CCID] on usb-0000:03:00.0-4/input0
>> rugp. 07 21:53:33 pc kernel: hid-generic 0003:1050:0407.000A: hiddev97,hidraw4: USB HID v1.10 Device [Yubico YubiKey OTP+FIDO+CCID] on usb-0000:03:00.0-4/input1
>> rugp. 07 21:53:33 pc mtp-probe[7041]: checking bus 1, device 4: "/sys/devices/pci0000:00/0000:00:01.3/0000:03:00.0/usb1/1-4"
>> rugp. 07 21:53:34 pc mtp-probe[7041]: bus: 1, device: 4 was not an MTP device
>> rugp. 07 21:53:34 pc systemd[2023]: Reached target Smart Card.
>> rugp. 07 21:53:34 pc mtp-probe[7069]: checking bus 1, device 4: "/sys/devices/pci0000:00/0000:00:01.3/0000:03:00.0/usb1/1-4"
>> rugp. 07 21:53:34 pc mtp-probe[7069]: bus: 1, device: 4 was not an MTP device


>> # ssh-add -l
>> The agent has no identities.


>> # gpg --card-status
>> Reader ...........: 1050:0407:X:0
>> Application ID ...: D2760001240100000006137939780000
>> Application type .: OpenPGP
>> Version ..........: 1.0
>> Manufacturer .....: ?
>> Serial number ....: 13793978
>> Name of cardholder: [not set]
>> Language prefs ...: [not set]
>> Salutation .......:
>> URL of public key : [not set]
>> Login data .......: [not set]
>> Signature PIN ....: not forced
>> Max. PIN lengths .: -1 -2 0
>> PIN retry counter : 0 0 0
>> Signature counter : 0
>> Signature key ....: [none]
>> Encryption key....: [none]
>> Authentication key: [none]
>> General key info..: [none]



---gpg2-2.3.6-2.2---

--after installing gpg2-2.3.6
(https://download.opensuse.org/history/20220802/tumbleweed/repo/oss/x86_64/gpg2-2.3.6-2.2.x86_64.rpm),
rebooting and inserting the Yubikey--

>> # sudo journalctl -f
>> rugp. 07 22:03:11 pc kernel: usb 1-4: new full-speed USB device number 3 using xhci_hcd
>> rugp. 07 22:03:11 pc kernel: usb 1-4: New USB device found, idVendor=1050, idProduct=0407, bcdDevice= 5.43
>> rugp. 07 22:03:11 pc kernel: usb 1-4: New USB device strings: Mfr=1, Product=2, SerialNumber=0
>> rugp. 07 22:03:11 pc kernel: usb 1-4: Product: YubiKey OTP+FIDO+CCID
>> rugp. 07 22:03:11 pc kernel: usb 1-4: Manufacturer: Yubico
>> rugp. 07 22:03:11 pc kernel: input: Yubico YubiKey OTP+FIDO+CCID as /devices/pci0000:00/0000:00:01.3/0000:03:00.0/usb1/1-4/1-4:1.0/0003:1050:0407.0007/input/input27
>> rugp. 07 22:03:11 pc kernel: hid-generic 0003:1050:0407.0007: input,hidraw6: USB HID v1.10 Keyboard [Yubico YubiKey OTP+FIDO+CCID] on usb-0000:03:00.0-4/input0
>> rugp. 07 22:03:11 pc kernel: hid-generic 0003:1050:0407.0008: hiddev99,hidraw7: USB HID v1.10 Device [Yubico YubiKey OTP+FIDO+CCID] on usb-0000:03:00.0-4/input1
>> rugp. 07 22:03:11 pc mtp-probe[4432]: checking bus 1, device 3: "/sys/devices/pci0000:00/0000:00:01.3/0000:03:00.0/usb1/1-4"
>> rugp. 07 22:03:11 pc mtp-probe[4432]: bus: 1, device: 3 was not an MTP device
>> rugp. 07 22:03:11 pc systemd[1]: Reached target Smart Card.
>> rugp. 07 22:03:11 pc systemd[2002]: Reached target Smart Card.
>> rugp. 07 22:03:11 pc mtp-probe[4445]: checking bus 1, device 3: "/sys/devices/pci0000:00/0000:00:01.3/0000:03:00.0/usb1/1-4"
>> rugp. 07 22:03:11 pc mtp-probe[4445]: bus: 1, device: 3 was not an MTP device


>> # ssh-add -l
>> 256 SHA256:**REDACTED** cardno:13 793 978 (ED25519)


>> # gpg --card-status
>> Reader ...........: 1050:0407:X:0
>> Application ID ...: D2760001240100000006137939780000
>> Application type .: OpenPGP
>> Version ..........: 3.4
>> Manufacturer .....: Yubico
>> Serial number ....: 13793978
>> Name of cardholder: [not set]
>> Language prefs ...: [not set]
>> Salutation .......:
>> URL of public key : [not set]
>> Login data .......: [not set]
>> Signature PIN ....: not forced
>> Key attributes ...: ed25519 cv25519 ed25519
>> Max. PIN lengths .: 127 127 127
>> PIN retry counter : 3 0 3
>> Signature counter : 4
>> KDF setting ......: off
>> UIF setting ......: Sign=off Decrypt=off Auth=off
>> Signature key ....: **REDACTED**
>>       created ....: 2022-05-23 17:27:13
>> Encryption key....: **REDACTED**
>>       created ....: 2022-05-23 17:27:13
>> Authentication key: **REDACTED**
>>       created ....: 2022-05-23 17:27:13
>> General key info..: [none]

You are receiving this mail because: