[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Sat, 24 Mar 2007 14:02:26 +0000 Henry Bremridge <henry.bremridge@xxxxxxxxx> wrote: > Saw an exchange of correspondence on the IRC about adding gpg keys to > a smart card Which smart card reader did you get, where and how much? > What happened is that the keys did not transfer over smoothly, 2 > sub-keys, but not the third. To cut a long story short I ended up > deleting my original decryption subkey and had to obtain a new GPG key I'd rather not have a third GnuPG key, I want to be sure I can use my main key before using something like this. Would this kind of thing work with OpenID too? Presumably there is still a passphrase involved - some of the readers appear to show simple pin entry pads, I'd be happier if this was more than a 4 digit pin. > Couple of points to note: > - Your signature key will have changed Do you mean a new signature on the key or a new key entirely? My Debian key isn't one I would change lightly. > - Your decryption key will have changed: therefore if you receive an > email to your previous key then you will addback your old key I'd prefer to keep the old one and migrate that to a card. > If I can be of any help, please let me know: nick is henry on the irc. > Apologies if I forget to say I am away... > > > PS. Next step (I have a lot of those!) is to add my ssh keys to it My problem with cards like this is: I'm upstairs, working away on the desktop. SSH, GnuPG, etc. I complete that task and fancy a break. Downstairs, I remember something I have to do and grab the laptop. That's fine if SSH depends on a passphrase in my memory but it's a PITA if I have to go upstairs to get the card from the other machine - I'd end up almost never using the laptop. (And removing the card every time I leave the office upstairs is just as much of a pain when it's only me in the house.) Without buying a second card reader, I'd also have to faff around unplugging the reader before going downstairs. Yeah, right.... Well done for getting it working though. :-) -- Neil Williams ============= http://www.data-freedom.org/ http://www.nosoftwarepatents.com/ http://www.linux.codehelp.co.uk/
Attachment:
pgpiGjgLmzrtK.pgp
Description: PGP signature
-- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html