Re: GnuPG with OpenPGP card implementation
Thank you for your information.
On 2013-10-09 at 22:26 -0400, Jeremy T. Bouse wrote:
> I have a built-in smartcard reader on my laptop:
>
> Bus 002 Device 004: ID 0a5c:5800 Broadcom Corp. BCM5880 Secure
> Applications Processor
>
> And then I have a USB SCM331 reader I got while on a government
> contract:
>
> Bus 007 Device 002: ID 04e6:e001 SCM Microsystems, Inc. SCR331
> SmartCard Reader
Great. Are you using them with pcsc-lite or with GPG's internal ccid
driver? I think that both works with GPG's internal ccid driver.
> Both work fine using as my SSH authentication key and with both gpg
> 1.4.12 and gpg2 2.0.19. I currently am only using 3072bit keys though
> I'm looking forward to seeing if the new cards I ordered will handle
> 4096bit as I've read it is supposed to be supported with gpg2 2.0.18+
> and newer batches of the v2.0 cards.
In 2.0.19, we had a fix (decryption) for RSA 4096-bit keys on
smartcard/token.
It seems that using GPG's authentication key for SSH is not popular.
I wrote an article [1] to explain the benefit of distributing public
key by OpenPGP WoT.
[1] http://www.gniibe.org/memo/software/ssh/using-gpgkey-for-ssh
--
Reply to: