OpenPGP-SmartCard V2.0 zurücksetzen

If you have a version 2 card, this is possible.

WARNING: Don't run the commands given below on version 1 cards - you
will brick the card.

1. First you have to lock the PIN by decremeting the retry counters.  I
   do it this way:

  $ gpg-connect-agent --hex
  > scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
  D[0000]  69 82                                              i.              
  OK
  > scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
  D[0000]  69 82                                              i.              
  OK
  > scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
  D[0000]  69 82                                              i.              
  OK
  > scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
  D[0000]  69 83                                              i.   
  > scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
  D[0000]  69 82                                              i.              
  OK
  > scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
  D[0000]  69 82                                              i.              
  OK
  > scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
  D[0000]  69 83                                              i.   


The status code 6983 says that the PIN is locked.  I use a PIN of
"@@@@@@@@" which is very likey invalid.

2. You terminate the card and activate it again:

  >  scd apdu 00 e6 00 00
  D[0000]  90 00                                              ..              
  OK
  >  scd apdu 00 44 00 00
  D[0000]  90 00                                              ..              
  OK
  > bye
  OK closing connection
  >   

Remove the card and insert it again.  That's all.  gpg --card-status
shows a fresh card. 

To make things easier you may send the lines below as input to
gpg-connect-agent (store them in a file and run "gpg-connect-agent < FILE").

======
/hex
scd serialno
scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
scd apdu 00 e6 00 00
scd apdu 00 44 00 00
/echo card has been reset to factory defaults
=====

gpg-connect-agent has a complete scripting language, you may use it to
write a more robust script with error checking etc.


Salam-Shalom,

   Werner

Hinweis[e]:
Beim Test mit yubikey neo-n erfolgte der Wechsel in der Anzeige nicht auf 83, funktioniert hat es trotzdem.

Quelle[n]:

• OpenPGP-SmartCard V2.0 unter Ubuntu 10.04 – Probleme und Lösungen – Pro-Linux [abgerufen 2015/09/04]
• GnuPG Mailing List Archives [abgerufen 2015/09/04]