[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: GnuPG with OpenPGP card implementation

Thank you for your information.

On 2013-10-09 at 22:26 -0400, Jeremy T. Bouse wrote:
> I have a built-in smartcard reader on my laptop:
> 
> Bus 002 Device 004: ID 0a5c:5800 Broadcom Corp. BCM5880 Secure 
> Applications Processor
> 
> And then I have a USB SCM331 reader I got while on a government 
> contract:
> 
> Bus 007 Device 002: ID 04e6:e001 SCM Microsystems, Inc. SCR331 
> SmartCard Reader

Great.  Are you using them with pcsc-lite or with GPG's internal ccid
driver?  I think that both works with GPG's internal ccid driver.

> Both work fine using as my SSH authentication key and with both gpg 
> 1.4.12 and gpg2 2.0.19. I currently am only using 3072bit keys though 
> I'm looking forward to seeing if the new cards I ordered will handle 
> 4096bit as I've read it is supposed to be supported with gpg2 2.0.18+ 
> and newer batches of the v2.0 cards.

In 2.0.19, we had a fix (decryption) for RSA 4096-bit keys on
smartcard/token.

It seems that using GPG's authentication key for SSH is not popular.
I wrote an article [1] to explain the benefit of distributing public
key by OpenPGP WoT.

[1] http://www.gniibe.org/memo/software/ssh/using-gpgkey-for-ssh
--
Reply to: