-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 re: https://www.gnupg.org/blog/20171005-gnupg-ccid-card-daemon-UbuntuPhone.h tml
Matthias, I appreciate your doing this tutorial. You put a lot of effort into it. I'm wanting to make some suggestions. Please forgive me if I'm misunderstanding anything. Cheers, Daniel Villarreal The device root file system is for good reason mounted read-only. I.e. one can not just install any other piece of software into it. could perhaps be... The device root file system is mounted read-only for good reason, i.e. one can not just install any other software in it. The way used here is an additional Linux system inside the phones system and chroot-ing into it for the to be installed software, and later calling the software from outside the chroot'ed file system. could be perhaps... The method used here is an additional Linux system inside the phone's system and chrooting into it to install this software, and later calling the software from outside the chrooted file system. The second occurrence of phablet should not be formatted. I have created there an additional directory /home/phablet/myRoot and below this untar'ed a complete Debian based Linux. How to do this is described in a small Gitbook about the BQ E4.5. could be perhaps... I have created there an additional directory /home/phablet/myRoot and below this untarred a complete Debian based Linux. How to do this is described in this article, i.e. Gitbook about the BQ E4.5. In the following text as naming convention the shell prompt $ means, we are in the phones file system and something like root@ubuntu-phablet:/# or phablet@ubuntu-phablet:~$ means, we are in the chroot'ed file system, best to understand with these commands: could be perhaps... The shell prompt "$" indicates that we are in the phone's file system. Conversely, something similar to "root@ubuntu-phablet:/#" or "phablet@ubuntu-phablet:~$" indicates that we are in the phone's chrooted file system. To illustrate: pass is a small password-storage manager which we will later use for our GnuPG encrypted tree of password, for example for websites or any other purpose, bank account PIN, … could be perhaps... Pass is a small password-storage manager, which we will use for our GnuPG encrypted tree of password, e.g., for websites or any other purpose, bank account PIN ... Now in the phone system we configure for GnuPG the following config files: could be perhaps... Now in the phone system we configure the following config files for GnuPG: Due to the nature of the installation in the chroot'ed system we need small wrapper scripts to set PATH, LD_LIBRARY_PATH, … and other stuff; could be perhaps... Due to the nature of the installation in the chrooted system, we need small wrapper scripts to set PATH, LD_LIBRARY_PATH, etc.; run and create for test a key pair (later we want to use the OpenPGP card key pair for instead of this) could be perhaps... run and create a key pair to test (later we'll use the OpenPGP card key pair instead) Now we can use the 'pass' command we installed in the chroot'es system with could be perhaps... Now we can use the 'pass' command we installed in the chrooted system with Question: Why is there an asterisk after the prompt at the end of pass.sh ? Init the pass storage as: could be perhaps... Initialize the pass storage as: Insert some password for test: could be perhaps... Insert a random password to test: Final step is getting support for the OpenPGP card. We need the 'pcscd' daemon. Its build is a bit tricky because it must later, on start from outside the chroot'ed syste, find the ccid driver. could be perhaps... Final step is getting support for the OpenPGP card. We need the pcscd daemon. Its build is a bit tricky because it must later find the ccid driver, upon commencing from outside of the chrooted system. We compile the following pieces inside the chroot'ed system: could be perhaps... We compile the following components inside the chrooted system: ok, now the 'ccid' driver, installed (copied) to be seen by the daemon: could be perhaps... Now install the ccid driver: the driver libccid.so and its control file Info.plist ended up as configured in: could be perhaps... The libccid.so driver and its control file Info.plist are configured in: Now we start in the phone the pcscd daemon as: could be perhaps... Now we start the pcscd daemon as: Now we removed /home/phablet/.gnupg (saving the *.conf files) and copied over from my real netbook the /.password-store and the key material for the OpenPGP card; let's see if 'pass' can unlock the card (via the gpg-agent) and decipher the crypted information (uncrypted shown here as XXXXXXXX-XXXXXX). The gpg-agent will first ask for the card to be inserted and then for its PIN. could be perhaps... I removed /home/phablet/.gnupg (after saving the *.conf files) and copied over from my real netbook the /.password-store and the key material for the OpenPGP card; let's see if 'pass' can unlock the card (via the gpg-agent) and decipher the encrypted information (unencrypted shown here as XXXXXXXX-XXXXXX). The gpg-agent will first ask for the card to be inserted, and then for its PIN. - -- Daniel Villarreal http://www.youcanlinux.org youcanlinux at gmail.com PGP key 2F6E 0DC3 85E2 5EC0 DA03 3F5B F251 8938 A83E 7B49 https://pgp.mit.edu/pks/lookup?op=get&search=0xF2518938A83E7B49 -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEL24Nw4XiXsDaAz9b8lGJOKg+e0kFAlng7UsACgkQ8lGJOKg+ e0n/sggAlGkF/VLxvYrZrT1Kfr7a9jyOZilUO06rfiQN5CF8fVZxkPuSkm38UtMA uF5IvzMTyXj61/BCOpOrZn3lL4C9npYbzHLBel3TIbI8fV1FoHpwpC61wZVQSJ9P O3k+qls0aAJyn+YhXJ5UfxgaIm4AFgcQrKp9rljk4s3y6xyu5abcE7uqh0pttMMU ZQQ9j4RpUSodFJg/bC8LsjlIVWt3dFoN7hEjwuTaPiAFrOo+njpcXNSwOdOqL0vh 2I6dO2BHyG+2acYNTjXZl1m7B6NVcZuHgycwV5Zaf3oNQ4HP+C/M0bMbkyKP3yAa 0YZGDggLMWW+SbrAZ5SEAmMKeXwHHA== =6L1y -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users