252
256
@end smallexample
259
@item --card-timeout @var{n}
260
@opindex card-timeout
261
If @var{n} is not 0 and no client is actively using the card, the card
262
will be powered down after @var{n} seconds. Powering down the card
263
avoids a potential risk of damaging a card when used with certain
264
cheap readers. This also allows non Scdaemon aware applications to
265
access the card. The disadvantage of using a card timeout is that
266
accessing the card takes longer and that the user needs to enter the
267
PIN again after the next power up.
269
Note that with the current version of Scdaemon the card is powered
270
down immediatley at the next timer tick for any value of @var{n} other
256
274
@item --disable-keypad
257
275
@opindex disable-keypad
258
276
Even if a card reader features a keypad, do not try to use it.
263
281
@opindex allow-admin
265
This enables the use of Admin class commands for card applications
266
where this is supported. Currently we support it for the OpenPGP
267
card. Deny is the default. This commands is useful to inhibit
268
accidental access to admin class command which could ultimately lock
269
the card through worng PIN numbers.
282
This option disables the use of admin class commands for card
283
applications where this is supported. Currently we support it for the
284
OpenPGP card. This commands is useful to inhibit accidental access to
285
admin class command which could ultimately lock the card through wrong
286
PIN numbers. Note that GnuPG versions older than 2.0.11 featured an
287
@option{--allow-admin} command which was required to use such admin
288
commands. This option has no more effect today because the default is
289
now to allow admin commands.
271
291
@item --disable-application @var{name}
272
292
@opindex disable-application
291
311
* NKS Card:: The Telesec NetKey card application
292
312
* DINSIG Card:: The DINSIG card application
293
313
* PKCS#15 Card:: The PKCS#15 card application
314
* Geldkarte Card:: The Geldkarte application
296
317
@node OpenPGP Card
297
318
@subsection The OpenPGP card application ``openpgp''
299
320
This application is currently only used by @command{gpg} but may in
300
future also be useful with @command{gpgsm}.
321
future also be useful with @command{gpgsm}. Version 1 and version 2 of
322
the card is supported.
302
The specification for such a card is available at
303
@uref{http://g10code.com/docs/openpgp-card-1.0.pdf}.
324
The specifications for these cards are available at
325
@uref{http://g10code.com/docs/openpgp-card-1.0.pdf} and
326
@uref{http://g10code.com/docs/openpgp-card-2.0.pdf}.
306
329
@subsection The Telesec NetKey card ``nks''
322
345
This is common fraqmework for smart card applications. It is used by
349
@subsection The Geldkarte card application ``geldkarte''
351
This is a simple application to display information of a German
352
Geldkarte. The Geldkarte is a small amount debit card application which
353
comes with almost all German banking cards.
326
356
@c *******************************************
327
357
@c *************** ****************
470
500
@subsection Return a certificate
473
READCERT @var{hexified_certid}
503
READCERT @var{hexified_certid}|@var{keyid}
476
506
This function is used to read a certificate identified by
477
@var{hexified_certid} from the card.
507
@var{hexified_certid} from the card. With OpenPGP cards the keyid
508
@code{OpenPGP.3} may be used to rad the certticate of version 2 cards.
480
511
@node Scdaemon READKEY
580
611
@subsection Change PINs.
583
PASSWD [--reset] @var{chvno}
614
PASSWD [--reset] [--nullpin] @var{chvno}
586
617
Change the PIN or reset the retry counter of the card holder
587
verification vector number @var{chvno}.
618
verification vector number @var{chvno}. The option @option{--nullpin}
619
is used to initialize the PIN of TCOS cards (6 byte NullPIN only).
590
622
@node Scdaemon CHECKPIN