There has been some discussion on debian-devel[1] about making a bootable Debian Live CD specifically for GnuPG.

The benefit is that everything on the CD is self-contained, it can't be tampered with, it can run without network support in the kernel and the workflow would be controlled by a script.

All the details, including workflow, are described in a wiki[2].

I have some questions about this:

- has anybody already seen anything like this? Nobody likes re-inventing the wheel

- can we call all the necessary GnuPG commands from a script without the user interacting directly with GnuPG, using "--batch" / unattended operation? The sequence of commands involved would be similar to this blog[3]

- what would be the preferred way for the GUI to obtain and keep the master key passphrase without prompting the user to re-enter it for every operation?

- would anybody else like to suggest improvements to the workflow?

1. https://lists.debian.org/msgid-search/571dd206.1070...@pocock.pro
2. https://wiki.debian.org/OpenPGP/CleanRoomLiveEnvironment
3. https://blog.josefsson.org/2014/06/23/offline-gnupg-master-key-and-subkeys-on-yubikey-neo-smartcard/