Hi all, this is more a "fyi notice" than anything else:
Thanks to the efforts of Werner Koch, Harald Welte, Nils Färber and myself, last week I finally managed to solve two major problems for my personal use of smart cards / OpenPGP crypto cards, such as the Fellowship crypto card [1], that might be bothering others as well. * 100% Free Software PCMCIA smart card reader Problem one was to find a PCMCIA smart card reader that could be used under GNU/Linux with 100% Free Software. Most PCMCIA readers under GNU/Linux seem to use proprietary libraries, which is unacceptable. From a security viewpoint, I also consider it self-defeating: Obviously the security of the system is only as strong as the security of the non-freelayer and all its maintaining infrastructure at the producing company, which the user has no control over. Thanks to Werner, Harald and Nils, it is now possible to use the Omnikey CardMan 4040 exclusively with Free Software under GNU/Linux. You will find more information here: http://www.fsfe.org/fellows/greve/freedom_bits/fellowship_crypto_card_the_cool_way * Remote SSH logins with crypto card authentication Problem two was to do remote logins via SSH with authentication through the smart card. There was a problem with the gpg-agent that did not do PIN caching, and thus was somewhat annoying to use in real life. Werner just addressed this problem, and now it works rather flawlessly. The gpg-agent replaces the ssh-agent for authentication, and it is possible to do remote securely authenticated OpenSSH logins. You can find information here: http://www.fsfe.org/fellows/greve/freedom_bits/authenticating_ssh_logins_with_the_fellowship_crypto_card So I hope this will help others with similar problems to solve them. If anyone feels like playing with it, adding to it, making it easier to use, or GUIfying it, that would be great. It would be good to see the technology improve and spread. Also, if people were to join the Fellowship (and such contribute to the work of FSFE) in order to have play with the cards and find more applications of it that are both fun and useful, that would be great. Regards, Georg [1] http://www.fsfe.org/card/ -- Georg C. F. Greve <[EMAIL PROTECTED]> Free Software Foundation Europe (http://fsfeurope.org) Join the Fellowship and protect your freedom! (http://www.fsfe.org)
pgpctxsmw0IOy.pgp
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
