Introducing the Librem Key

windowsrefund · December 12, 2018, 6:23pm

Yes Sir. PureOS here all the way.

Kyle_Rankin · December 12, 2018, 6:23pm

Login to your desktop, insert the Librem Key and then run gpg --card-status.

windowsrefund · December 12, 2018, 6:26pm

https://asciinema.org/a/Nad39NKpcIYNiphJZG83jFCOb

Kyle_Rankin · December 12, 2018, 6:30pm

That video was of dmidecode for some reason, maybe you meant to paste a different video. Please try logging in as your regular user, inserting the Librem Key, and running gpg --card-status. It should just work, as the only additional package you should need is scdaemon, which you have installed.

windowsrefund · December 12, 2018, 6:38pm

Right, I wanted to show you the output of dmidecode so you could see I am running PureOS, etc. but I really should have just shown you my /etc/apt/sources.list or something

In any case, I’ve gone through all these steps and continue to see the original error. Reading through gpgconf’s man page, I learned about its --check-programs arg and see everything is available and working.

~ gpgconf --check-programs
gpg:OpenPGP:/usr/bin/gpg:1:1:
gpg-agent:Private Keys:/usr/bin/gpg-agent:1:1:
scdaemon:Smartcards:/usr/lib/gnupg/scdaemon:1:1:
gpgsm:S/MIME:/usr/bin/gpgsm:1:1:
dirmngr:Network:/usr/bin/dirmngr:1:1:
pinentry:Passphrase Entry:/usr/bin/pinentry:1:1:

I can also reproduce the original error across both USB ports (had to try). Really not sure what other knobs to turn here. I happen to be using gpg 2.2.11. Can I ask your version?

Kyle_Rankin · December 12, 2018, 6:51pm

I’m using the default gpg 2.2.11 package with the default terminal and shell on the default PureOS desktop. On this side I took a Librem 15v3, installed a vanilla PureOS on top of it and then installed scdaemon and the Librem Key showed up with gpg --card-status.

windowsrefund · December 12, 2018, 6:52pm

Got it! Found disable-scdaemon in my ~/.gnupg/gpg-agent.conf

duh

reC · March 9, 2019, 6:36am

@Kyle_Rankin Hi ! will the Librem Key work only for the Librem laptops or will it also support the Librem 5 once it gets released ?

jtl · March 10, 2019, 9:06am

My apologies if this has been asked before, but could a future version of the Librem Key be in a similar form factor as the YubiKey NEO, and not like a standard USB drive? It seems to be much more durable that way.

peterpan · March 10, 2019, 7:52pm

A USB-C type would be awesome and much more usable than the USB-A Version it is now.

Kyle_Rankin · March 11, 2019, 8:57pm

The goal is to support the Librem 5 as well, but because the Librem 5 has a USB-C connector, it means using a hub or other adapter to use existing Librem Keys. At some point we would like to offer a USB-C connector option as well.

Also note that the Librem 5 will feature its own internal OpenPGP smartcard reader so it can already perform a lot of the security features of the Librem Key with respect to secure key storage.

j_s · December 3, 2023, 12:19am

github will require 2FA at the end of the year, so I guess I will need to get something other than a Librem Key.

FranklyFlawless · December 3, 2023, 2:42am

Or, stop using GitHub to begin with.