[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: trezor-agent: using trezor as gpg key

From: Danny Milosavljevic
Subject: Re: trezor-agent: using trezor as gpg key
Date: Fri, 3 Sep 2021 18:35:12 +0200


On Fri, 03 Sep 2021 07:55:19 +0000
Attila Lendvai <> wrote:

> i'm failing to configure my gnupg to use Trezor (an USB hw key store).
> $ ls -l /dev/usb/
> crw-rw---- 1 root plugdev 180, 0 Sep 3 09:25 hiddev0
> $ groups
> users plugdev [...]
> $ trezor-gpg-agent &
> [1] 11223
> $ gpg --sign /tmp/x
> 2021-09-03 09:41:19,129 ERROR Failed to enumerate WebUsbTransport. 
> USBErrorAccess: LIBUSB_ERROR_ACCESS [-3] []
> 2021-09-03 09:41:19,132 ERROR handler failed: Trezor not connected 
> []
> libagent.device.interface.NotFoundError: Trezor not connected
> gpg: Warning: not using 'Attila Lendvai <>' as default 
> key: No secret key
> gpg: all values passed to '--default-key' ignored
> gpg: keydb_search failed: Broken pipe
> gpg: no default secret key: Broken pipe
> gpg: signing failed: Broken pipe
> how can i see/debug here which file has the wrong permissions? the python 
> backtrace is not very useful without printing the variable values.

You can

 strace -f gpg --sign /tmp/x 2>&1 |grep /dev

but I suspect that that won't show anything interesting because it's actually 
trezor-gpg-agent doing the access.


   strace -f trezor-gpg-agent 2>&1 |grep /dev


In any case, since I did pretty much the same with a Ledger Nano, check the 
permissions of /dev/hidraw*.  After fixing the permissions to the latter file, 
it works fine as a regular user.

See also for how to make the 
change permanent.

Even then, it only works fine once one logs out and back in, and at the time of 
login have the usb device already be connected.  I think that's a bug in our 
elogind (sigh).

reply via email to

[Prev in Thread] Current Thread [Next in Thread]