Qubes with a gpg compatable smart card: can't find 'libpcsclite.so.1'
276 views
Skip to first unread message
cubem...@gmail.com
Dec 2, 2015, 7:45:10 PM12/2/15
to qubes-users
I've got two smart card readers that work with Linux, but on qubes 'gpg --card-status' gives
"failed to open driver 'libpcsclite.so.1: no such file or directory' (abbreviated message).
Probably the custom split-gpg for Qubes, but using a smart card with Qubes would seem to be a good idea. Thoughts on enabling this? Is it disabled on purpose because of the 'bad' USB?
"failed to open driver 'libpcsclite.so.1: no such file or directory' (abbreviated message).
Probably the custom split-gpg for Qubes, but using a smart card with Qubes would seem to be a good idea. Thoughts on enabling this? Is it disabled on purpose because of the 'bad' USB?
Stefan Schlott
Dec 3, 2015, 3:08:27 AM12/3/15
to qubes...@googlegroups.com
Hi,
> I've got two smart card readers that work with Linux, but on qubes 'gpg
> --card-status' gives
>
> "failed to open driver 'libpcsclite.so.1: no such file or directory'
> (abbreviated message).
The package "pcsc-lite-libs" (not installed by default) contains the
missing library. I tried to get my pgp smartcard working (with no
success, unfortunately) and I remember I installed the packages
pcsc-lite-ccid, pcsc-tools, and opensc as well, so these might be the
next candidates if pcsc-lite-libs is not sufficient.
Good luck (and if you are successful, I'd love to hear about your setup!),
Stefan.
> I've got two smart card readers that work with Linux, but on qubes 'gpg
> --card-status' gives
>
> "failed to open driver 'libpcsclite.so.1: no such file or directory'
> (abbreviated message).
missing library. I tried to get my pgp smartcard working (with no
success, unfortunately) and I remember I installed the packages
pcsc-lite-ccid, pcsc-tools, and opensc as well, so these might be the
next candidates if pcsc-lite-libs is not sufficient.
Good luck (and if you are successful, I'd love to hear about your setup!),
Stefan.
cubem...@gmail.com
Dec 3, 2015, 7:19:20 AM12/3/15
to qubes-users
Thanks for the help.
Actually pcsc-lite-tools is already installed by default now, but I needed to install pcsc-tools.
That's fine, the library is found now, the problem is assigning the Smart Card reader. I have two; an internal built-in one (sits on USB) and a Linux compatible Express Card version (also presents a Express Card USB bus with the reader hanging off that). The problem is assigning the USB bus to a VM, I get a syslog error
internal error: Unable to reset PCI device XXXXX(USB)XXXX: no FLR, PM reset or bus reset.
And the AppVM won't reset. If I can assign this then I think I'm good.
Actually pcsc-lite-tools is already installed by default now, but I needed to install pcsc-tools.
That's fine, the library is found now, the problem is assigning the Smart Card reader. I have two; an internal built-in one (sits on USB) and a Linux compatible Express Card version (also presents a Express Card USB bus with the reader hanging off that). The problem is assigning the USB bus to a VM, I get a syslog error
internal error: Unable to reset PCI device XXXXX(USB)XXXX: no FLR, PM reset or bus reset.
And the AppVM won't reset. If I can assign this then I think I'm good.
Tim W
Dec 4, 2015, 3:16:05 AM12/4/15
to qubes-users
On Thursday, December 3, 2015 at 7:19:20 AM UTC-5, cubem...@gmail.com wrote:
Thanks for the help.
Actually pcsc-lite-tools is already installed by default now, but I needed to install pcsc-tools.
That's fine, the library is found now, the problem is assigning the Smart Card reader. I have two; an internal built-in one (sits on USB) and a Linux compatible Express Card version (also presents a Express Card USB bus with the reader hanging off that). The problem is assigning the USB bus to a VM, I get a syslog error
internal error: Unable to reset PCI device XXXXX(USB)XXXX: no FLR, PM reset or bus reset.
And the AppVM won't reset. If I can assign this then I think I'm good.
Are these usb 3 or 2 ?
The express card is it a pci device where the internal card is a part of internal usb controller?
I recall something about disabling EHCI handoff i.e disable usb 3 support in BIOS. I think Marek had made a post about to someone else with a similar error message and usb issue.
If usb3 disable fails and its a similar issue as I saw posted about then you can try to change the 'qvm-prefs pci_strictreset' option to 'false' so it will ignore the error and allow it to start.
Not sure if any of that is helpful or already known and does not apply.
cubem...@gmail.com
Dec 4, 2015, 7:42:06 AM12/4/15
to qubes-users
Are these usb 3 or 2 ?
The express card is it a pci device where the internal card is a part of internal usb controller?
I recall something about disabling EHCI handoff i.e disable usb 3 support in BIOS. I think Marek had made a post about to someone else with a similar error message and usb issue.
Good one! Yes I wondered about that in the back of my mind, disabling XHCI in the BIOS allows me to assign USB. However ... now 'gpg --card-status' shows it finding the reader, but then it says 'pcsc_connect failed: unpowered card (0x80100067) ... Please insert the card", but the card is inserted. This is also after enabling a BIOS option to leave the Smart Card hub always powered.
And yes the express card (Cherry SR4300, available on eBay, supported by Linux) seemingly have the USB hub as part of the card, but anyhow they're experiencing the same issue at the moment.
Tim W
Dec 4, 2015, 6:21:59 PM12/4/15
to qubes-users
Well glad I got you one step closer. What about trying your built in smart reader. It looks like in your first post you say they are both linux compatible. It at least should not have the powering up issues. I am bettering that the express card has to do with it going from pci decive then to a usb bus controller and the system does not know how to handle it. Driver issue. But the built in reader is directly on the chip set usb controller and linux root hub.
How we can get this working as I think it will roadmap it for many others.
How we can get this working as I think it will roadmap it for many others.
cubem...@gmail.com
Dec 4, 2015, 9:25:02 PM12/4/15
to qubes-users
Well glad I got you one step closer. What about trying your built in smart reader. It looks like in your first post you say they are both linux compatible. It at least should not have the powering up issues. I am bettering that the express card has to do with it going from pci decive then to a usb bus controller and the system does not know how to handle it. Driver issue. But the built in reader is directly on the chip set usb controller and linux root hub.
How we can get this working as I think it will roadmap it for many others.
Same result with either reader.
I'll guess it's something with the split GPG foo, I'll dig into it. So far I set up a programming VM but am unable to download the GCC packages Am unable to do, here is error
Downloading packages... Failed to install packages: cannot download k/kernel-headers-3.17.8-300.fc21.x86_64.rpm to /var/cache/PackageKit/metadata/updates/packages/: Cannot download k/kernel-headers-3.17.8-300.fc21.x86_64.rpm: All mirrors were tried
Tim W
Dec 4, 2015, 11:21:01 PM12/4/15
to qubes-users
Well dang talk about not giving you any useful info in the error message!?! Let me give it a try as well. Did you try to download to the template or directly to the programming appVM?
Tim W
Dec 4, 2015, 11:28:09 PM12/4/15
to qubes-users
I tried doing a search on the group for issue with gcc. This is the only thing I found. Not sure what your location is but maybe this could be a related issue. Not sure its some big conspiracy to get people to use a backdoors version but then again these days just about anything is conceivable.
https://groups.google.com/forum/#!searchin/qubes-users/$20GCC/qubes-users/G_5WgkHmjgk/FNOVSaHMl3MJ
Tim W
Dec 4, 2015, 11:37:00 PM12/4/15
to qubes-users
Well I just tried a sudo yum-deprecated install gcc and it immediately found it and was waiting on Y for install. That was in my Fedora 23 template
Reply all
Reply to author
Forward
0 new messages