GnuPG Agent crashes

[mfv]

> On Sat, 2016-11-19 at 11:21 Brandon J.Wandersee
> <brandon.wandersee at gmail.com> wrote:
>
>Steve O'Hara-Smith writes:
>
>> On Sat, 19 Nov 2016 16:48:26 +0100
>> Bertram Scharpf <lists at bertram-scharpf.de> wrote:
>>  
>>> Hi,
>>> 
>>> after a ports update and before I try to fix or report it:
>>> 
>>>   $ gpg-agent
>>>   Assertion failed: (res == 0), function enter_npth, file npth.c,
>>> line 123. zsh: abort (core dumped)
>>> 
>>> Who allows such crap to be committed?  
>>
>> 	Well there doesn't seem to be a relevant patch in the port
>> so I'd say most likely someone on the gnupg project.  
>
>It's a known problem, stemming from the GnuPG project. A fix is
>supposedly on the way.[1]
>
>[1]: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214568
>

Hello,

I too have been bitten by this bug, in particular, encrypted emails
can no longer be read.  According to Bugzilla it appears this issue
will not be resolved until the imminent upgraded of gpg to v2.1.16.

As a side issue, I've been exploring the use of a smart card to
enhance the security of logging in and encrypting files and emails, but
this bug has me spooked.  Is it correct to assume that if a computer
relies on a smart card to log in, it would be inaccessible due to this
or similar bugs?  I would appreciate any advice on the use of smart
cards and pointers for further information.

My greatest concern is being locked out; not due to a missing password
but due to a software glitch.  I suppose a method to access such a
computer is to log in as root and wait until the upgrade is available.
But if the whole disc is encrypted how is it possible to access it to
perform the upgrade?

Lastly, is it possible to set up a login to access a long password
contained in a file on a USB thumb drive?

Cheers ...

Marek