Select Page

Solution:

Run the following in your terminal:

gpg-connect-agent "scd serialno" "learn --force" /bye

Problem:

The gpg command-line tool asks for the Yubikey with a matching serial number when decrypting something. This is a problem because it is essential to be able to use any of the Yubikeys holding the same PGP private keys in case of damage or loss.

Background:

You have added the same PGP private keys to multiple Yubikeys in case one is lost or damaged.

This command interacts with the GPG Agent, specifically with the smart card daemon (scd), and forces the agent to re-learn about smart card configurations. Here’s a breakdown:

Command Components

  1. gpg-connect-agent:
    • A tool used to send commands to the GPG agent.
    • Useful for debugging or interacting with the GPG agent directly.
  2. "scd serialno":
    • This command queries the smart card daemon (scd) for the serial number of a connected smart card.
    • If a smart card is present, its serial number will be retrieved.
  3. "learn --force":
    • Tells the GPG agent to forcefully re-learn the information from the connected smart card.
    • This is useful if there are configuration changes or if the smart card is replaced.
  4. /bye:
    • This ensures that the session with the gpg-connect-agent is terminated cleanly after executing the commands.

What It Does

  • The command first asks the GPG agent to get the serial number of a smart card (scd serialno).
  • It then forces the agent to re-learn the smart card configuration (learn --force).
  • Finally, the session is closed with /bye.

Why Use It?

  • To reinitialize or refresh the smart card setup when changes have been made.
  • To ensure the GPG agent recognizes a new smart card without needing to restart the agent.
  • To troubleshoot smart card issues with GPG.