how to use the gnupg for authenticated logins
Sun Aug 10 21:26:08 2003
Content-Description: signed data
On Sunday 10 Aug 2003 5:39 pm, Carl L. Gilbert wrote:
> a few points
> ssh does not need a passpharase. I use it daily and many use CVS over
> ssh without passpharases.
=46orgot that. I only use it with passphrases.
> This is only a login technique AFAIK, we are not talking about secure
> communication after the login right? thats a separate thing which is
> already handled by SSL. Are we also talking about a replacement for
No, just a handover. I have considered a simple verification command that c=
be used if SSL isn't available on any particular site using gnupg_login.
> I agree to keep it minimal server side, like with PERL. but I don't
> know if the perl libraries exist to talk with gpg yet!? Client side can
I use two already. The one I'm using most is GnuPG::Interface
> use a plugin much like enigmail. An applet could work, but it would
> have to be granted special permission to run certain programs on the
> client computer. Applet seems a little awkward here. I guess plugin is
> the way to go. I hope you can write them in Java...
Perl would seem better. The module is really very easy to use.
# Now we'll go about encrypting with the options already set
my @plaintext =3D ( 'foobar' );
my $pid =3D $gnupg->encrypt( handles =3D> $handles );
# Now we write to the input of GnuPG
print $input @plaintext;
# now we read the output
my @ciphertext =3D <$output>;
waitpid $pid, 0;
I've written a basic template for gnupg_login and emailed it to you=20
Would the GnuPG developers on the list mind if I used gnupg_login and=20
gnupg_client for this little idea?
If it does proceed beyond idle dreams, what is the best way forward to keep=
in step with GnuPG and maybe even integrated into GnuPG itself eventually?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
-----END PGP SIGNATURE-----