NAME
scdaemon - Smartcard daemon for the GnuPG
system
SYNOPSIS
scdaemon [--homedir dir]
[--options file] [options] --server
scdaemon [--homedir dir] [--options
file] [options] --daemon [command_line]
DESCRIPTION
The scdaemon is a daemon to manage
smartcards. It is usually invoked by gpg-agent and in
general not used directly.
COMMANDS
Commands are not distinguished from options except for the fact
that only one command is allowed.
- --version
- Print the program version and licensing information. Note that
you cannot abbreviate this command.
- --help, -h
- Print a usage message summarizing the most useful command-line
options. Note that you cannot abbreviate this command.
- --dump-options
- Print a list of all available options and commands. Note that
you cannot abbreviate this command.
- --server
- Run in server mode and wait for commands on the stdin.
The default mode is to create a socket and listen for commands
there.
- --multi-server
- Run in server mode and wait for commands on the stdin as
well as on an additional Unix Domain socket. The server command
GETINFO may be used to get the name of that extra socket.
- --daemon
- Run the program in the background. This option is required to
prevent it from being accidentally run in the background.
- --print-atr
- This is mainly a debugging command, used to print the ATR
(Answer-To-Reset) of a card and exit immediately.
OPTIONS
- --options file
- Reads configuration from file instead of from the
default per-user configuration file. The default configuration file
is named `scdaemon.conf' and expected in the `.gnupg'
directory directly below the home directory of the user.
- --homedir dir
- Set the name of the home directory to dir. If this option
is not used, the home directory defaults to `~/.gnupg'. It
is only recognized when given on the command line. It also
overrides any home directory stated through the environment
variable `GNUPGHOME' or (on W32 systems) by means of the
Registry entry HKCU\Software\GNU\GnuPG:HomeDir.
- -v
- --verbose
- Outputs additional information while running. You can increase
the verbosity by giving several verbose commands to gpgsm,
such as
- --debug-level level
- Select the debug level for investigating problems. level
may be one of:
-
- none
- no debugging at all.
- basic
- some basic debug messages
- advanced
- more verbose debug messages
- expert
- even more detailed messages
- guru
- all of the debug messages you can get
How these messages are mapped to the actual debugging flags is
not specified and may change with newer releases of this program.
They are however carefully selected to best aid in debugging.
- All debugging options are subject to change and thus should
not be used by any application program. As the name says, they are
only used as helpers to debug problems.
- --debug flags
- This option is only useful for debugging and the behaviour may
change at any time without notice. FLAGS are bit encoded and may be
given in usual C-Syntax. The currently defined bits are:
-
- 0 (1)
- command I/O
- 1 (2)
- values of big number integers
- 2 (4)
- low level crypto operations
- 5 (32)
- memory allocation
- 6 (64)
- caching
- 7 (128)
- show memory statistics.
- 9 (512)
- write hashed data to files named dbgmd-000*
- 10 (1024)
- trace Assuan protocol
- 11 (2048)
- trace APDU I/O to the card. This may reveal sensitive
data.
- --debug-all
- Same as --debug=0xffffffff
- --debug-wait n
- When running in server mode, wait n seconds before
entering the actual processing loop and print the pid. This gives
time to attach a debugger.
- --debug-ccid-driver
- Enable debug output from the included CCID driver for
smartcards. Using this option twice will also enable some tracing
of the T=1 protocol. Note that this option may reveal sensitive
data.
- --debug-disable-ticker
- This option disables all ticker functions like checking for
card insertions.
- --debug-allow-core-dump
- For security reasons we won't create a core dump when the
process aborts. For debugging purposes it is sometimes better to
allow core dumps. This option enables them and also changes the
working directory to `/tmp' when running in --server
mode.
- --no-detach
- Don't detach the process from the console. This is mainly
useful for debugging.
- --log-file file
- Append all logging output to file. This is very helpful
in seeing what the agent actually does.
- --pcsc-driver library
- Use library to access the smartcard reader. The current
default is `libpcsclite.so'. Instead of using this option
you might also want to install a symbolic link to the default file
name (e.g. from `libpcsclite.so.1').
- --ctapi-driver library
- Use library to access the smartcard reader. The current
default is `libtowitoko.so'. Note that the use of this
interface is deprecated; it may be removed in future releases.
- --disable-ccid
- Disable the integrated support for CCID compliant readers. This
allows falling back to one of the other drivers even if the
internal CCID driver can handle the reader. Note that CCID support
is only available if libusb was available at build time.
- --reader-port number_or_string
- This option may be used to specify the port of the card
terminal. A value of 0 refers to the first serial device; add 32768
to access USB devices. The default is 32768 (first USB device).
PC/SC or CCID readers might need a string here; run the program in
verbose mode to get a list of available readers. The default is
then the first reader found.
- --disable-keypad
- Even if a card reader features a keypad, do not try to use it.
- --allow-admin
- --deny-admin
- This enables the use of Admin class commands for card
applications where this is supported. Currently we support it for
the OpenPGP card. Deny is the default. This command is useful to
inhibit accidental access to admin class commands which could
ultimately lock the card through wrong PIN numbers.
- --disable-application name
- This option disables the use of the card application named
name. This is mainly useful for debugging or if an
application with lower priority should be used by default.
All the long options may also be given in the configuration file
after stripping off the two leading dashes.
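
An added example (not part of the scdaemon distribution): a small audit of a `scdaemon.conf' body that flags the options this page attaches a security remark to, decoding `debug' values given in C syntax. The sample configuration is constructed, and the choice of which options and bits to flag is this example's assumption.

```python
import re
# Debug bits listed in the --debug table above (bit number -> meaning).
DEBUG_BITS = {0: "command I/O", 1: "values of big number integers",
              2: "low level crypto operations", 5: "memory allocation",
              6: "caching", 7: "show memory statistics",
              9: "write hashed data to files", 10: "trace Assuan protocol",
              11: "trace APDU I/O to the card"}
SENSITIVE_BITS = {11}  # the only bit the page marks as revealing sensitive data
# Long options (leading dashes stripped) that this audit reports; assumption.
RISKY_OPTIONS = {
    "debug-all": "same as debug 0xffffffff, so APDU tracing is on",
    "debug-ccid-driver": "CCID driver output may reveal sensitive data",
    "debug-allow-core-dump": "re-enables core dumps, off for security reasons",
    "allow-admin": "enables Admin class commands (deny is the default)",
}

def parse_c_int(text):
    """Parse an integer in C syntax: 0x hex, leading-0 octal, else decimal."""
    if re.fullmatch(r"0[0-7]+", text):
        return int(text, 8)
    return int(text, 0)

def audit(conf_text):
    """Return (line number, option, reason) findings for a scdaemon.conf body."""
    findings = []
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        parts = raw.split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue  # blank line or comment
        name, value = parts[0], (parts[1].strip() if len(parts) > 1 else "")
        if name in RISKY_OPTIONS:
            findings.append((lineno, name, RISKY_OPTIONS[name]))
        elif name == "debug":
            try:
                flags = parse_c_int(value)
            except ValueError:
                findings.append((lineno, name, f"unparsable value {value!r}"))
                continue
            hits = sorted(b for b in SENSITIVE_BITS if flags >> b & 1)
            if hits:
                why = ", ".join(f"bit {b} ({DEBUG_BITS[b]})" for b in hits)
                findings.append((lineno, name, "sets " + why))
    return findings

# Constructed sample configuration, not taken from a real system.
SAMPLE = "\n".join(["# constructed sample", "verbose", "debug 0x0c01",
                    "debug-ccid-driver", "deny-admin", "debug 1024"])

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```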
CARD APPLICATIONS
scdaemon supports the card applications as described
below.
The OpenPGP card application ``openpgp''
This application is currently only used by gpg but may in
future also be useful with gpgsm.
The specification for such a card is available at ().
The Telesec NetKey card ``nks''
This is the main application of the Telesec cards as available
in Germany. It is a superset of the German DINSIG card. The card is
used by gpgsm.
The DINSIG card application ``dinsig''
This is an application as described in the German draft standard
DIN V 66291-1. It is intended to be used by cards
supporting the German signature law and its bylaws (SigG and
SigV).
The PKCS#15 card application ``p15''
This is a common framework for smart card applications. It is
used by gpgsm.
EXAMPLES
-
$ scdaemon --server -v
FILES
There are a few configuration files to control certain aspects
of scdaemon's operation. Unless noted, they are expected in
the current home directory (see: [option --homedir]).
- scdaemon.conf
- This is the standard configuration file read by scdaemon
on startup. It may contain any valid long option; the leading two
dashes may not be entered and the option may not be abbreviated.
This default name may be changed on the command line (see: [option
--options]).
- scd-event
- If this file is present and executable, it will be called on
every card reader's status change. An example of this script is
provided with the distribution.
- reader_n.status
- This file is created by scdaemon to let other
applications know about reader status changes. Its use is now
deprecated in favor of `scd-event'.
SEE ALSO
gpg-agent(1),
gpgsm(1),
gpg2(1)
The full documentation for this tool is maintained as a Texinfo
manual. If GnuPG and the info program are properly installed at
your site, the command
-
info gnupg
should give you access to the complete manual including a menu
structure and an index.