Re: [LUG] Adding GPG keys to a smart card

 

On Sat, 24 Mar 2007 14:02:26 +0000
Henry Bremridge <henry.bremridge@xxxxxxxxx> wrote:

> Saw an exchange of correspondence on the IRC about adding gpg keys to
> a smart card

Which smart card reader did you get, where and how much?

> What happened is that the keys did not transfer over smoothly, 2
> sub-keys, but not the third. To cut a long story short I ended up
> deleting my original decryption subkey and had to obtain a new GPG key

I'd rather not have a third GnuPG key; I want to be sure I can use my
main key before using something like this.

Would this kind of thing work with OpenID too?

Presumably there is still a passphrase involved - some of the readers
appear to show simple PIN entry pads; I'd be happier if this was more
than a 4-digit PIN.

> Couple of points to note:
> -   Your signature key will have changed

Do you mean a new signature on the key or a new key entirely? My Debian
key isn't one I would change lightly.

> -   Your decryption key will have changed: therefore if you receive an
>     email to your previous key then you will add back your old key

I'd prefer to keep the old one and migrate that to a card.

> If I can be of any help, please let me know: nick is henry on the irc.
> Apologies if I forget to say I am away...
>
>
> PS. Next step (I have a lot of those!) is to add my ssh keys to it

My problem with cards like this is:

I'm upstairs, working away on the desktop. SSH, GnuPG, etc. I complete
that task and fancy a break. Downstairs, I remember something I have to
do and grab the laptop. That's fine if SSH depends on a passphrase in
my memory but it's a PITA if I have to go upstairs to get the card from
the other machine - I'd end up almost never using the laptop. (And
removing the card every time I leave the office upstairs is just as
much of a pain when it's only me in the house.) Without buying a second
card reader, I'd also have to faff around unplugging the reader before
going downstairs. Yeah, right....

Well done for getting it working though.
:-)

--


Neil Williams
=============
http://www.data-freedom.org/
http://www.nosoftwarepatents.com/
http://www.linux.codehelp.co.uk/

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html