The security/gnupg port

gnupg-2.4.5 – GNU privacy guard - a free PGP replacement (cvsweb github mirror)


The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication
and data storage.  It can be used to encrypt data, create digital
signatures, help authenticating using Secure Shell and to provide a
framework for public key cryptography.  It includes an advanced key
management facility and is compliant with the OpenPGP and S/MIME
WWW: https://www.gnupg.org/


| Running ${PKGSTEM} on OpenBSD

In order to use a card reader other than the few ones supported by
GnuPG's internal CCID driver, the ccid, pcsc-lite and pcsc-tools packages
need to be installed.

Example YubiKey 4 Setup Procedure

Install required packages, enable and start pcscd(8) PC/SC smartcard daemon:

    # pkg_add ccid pcsc-lite pcsc-tools
    # rcctl enable pcscd
    # rcctl start pcscd

Find the reader with YubiKey:

    $ pcsc_scan -n
    PC/SC device scanner
    V 1.4.27 (c) 2001-2011, Ludovic Rousseau 
    Compiled with PC/SC lite version: 1.8.20
    Using reader plug'n play mechanism
    Scanning present readers...
    0: Yubico Yubikey 4 OTP+U2F+CCID 00 00

    Sun Apr 23 15:15:40 2017
    Reader 0: Yubico Yubikey 4 OTP+U2F+CCID 00 00
      Card state: Card inserted, Exclusive Mode,
      ATR: 3B F8 13 00 00 81 31 FE 15 59 75 62 69 6B 65 79 34 D4

Configure scdaemon(1) smartcard daemon to use this reader:

    $ echo "reader-port \"Yubico Yubikey 4 OTP+U2F+CCID 00 0\"" >> \

Check if the YubiKey is recognized by GnuPG:

    $ gpg --card-status
    Reader ...........: Yubico Yubikey 4 OTP U2F CCID 00 00

In some cases you may need to explicitely disable the internal CCID

    $ echo "disable-ccid" >> ~/.gnupg/scdaemon.conf
    $ gpgconf --kill scdaemon


Jeremie Courreges-Anglas



Library dependencies

Build dependencies

Run dependencies

Reverse dependencies