Hey all, I've been using a smartcard for several months now. It's a cryptostick if the model is important. Every time I sign something, it asks me for my pin. But once the card is unlocked, ssh authentication and decryption seem to happen forever, regardless of any ttl-cache settings in gpg-agent.conf. I just want to make sure I understand the semantics correctly.
It seems: 1) Once I enter my pin, the card is unlocked as long as it's connected. 2) I get prompted when making a signature because the sig counter gets incremented, and that's a write operation to the card. Decrypting and authenticating don't prompt because the operations don't write to the card. 3) The proper way to 'lock' the card is to remove it from the reader. Is this correct? -- Grant "I am gravely disappointed. Again you have made me unleash my dogs of war."
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
