how to use the gnupg for authenticated logins

Neil Williams linux@codehelp.co.uk
Sun Aug 10 21:26:08 2003


On Sunday 10 Aug 2003 5:39 pm, Carl L. Gilbert wrote:
> a few points
> ssh does not need a passphrase.  I use it daily and many use CVS over
> ssh without passphrases.

Forgot that. I only use it with passphrases.

> This is only a login technique AFAIK, we are not talking about secure
> communication after the login right? that's a separate thing which is
> already handled by SSL.  Are we also talking about a replacement for
> that?

No, just a handover. I have considered a simple verification command that can
be used if SSL isn't available on any particular site using gnupg_login.

> I agree to keep it minimal server side, like with PERL.  but I don't
> know if the perl libraries exist to talk with gpg yet!?  Client side can

I use two already. The one I'm using most is GnuPG::Interface
http://search.cpan.org/author/FTOBIN/GnuPG-Interface-0.33/lib/GnuPG/Interface.pm

> use a plugin much like enigmail.  An applet could work, but it would
> have to be granted special permission to run certain programs on the
> client computer.  Applet seems a little awkward here.  I guess plugin is
> the way to go.  I hope you can write them in Java...

Perl would seem better. The module is really very easy to use.

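  use IO::Handle;
  use GnuPG::Interface;
  # Setup the snippet relies on; the recipient is a placeholder
  my $gnupg = GnuPG::Interface->new();
  $gnupg->options->hash_init( armor => 1 );
  $gnupg->options->push_recipients( 'recipient@example.org' );
  my ( $input, $output ) = ( IO::Handle->new(), IO::Handle->new() );
  my $handles = GnuPG::Handles->new( stdin => $input, stdout => $output );
  # Now we'll go about encrypting with the options already set
  my @plaintext = ( 'foobar' );
  my $pid = $gnupg->encrypt( handles => $handles );
  # Now we write to the input of GnuPG
  print $input @plaintext;
  close $input;
  # now we read the output
  my @ciphertext = <$output>;
  close $output;
  waitpid $pid, 0;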

I've written a basic template for gnupg_login and emailed it to you
separately.

Would the GnuPG developers on the list mind if I used gnupg_login and
gnupg_client for this little idea?

If it does proceed beyond idle dreams, what is the best way forward to keep it
in step with GnuPG and maybe even integrated into GnuPG itself eventually?

-- 

Neil Williams
=============
http://www.codehelp.co.uk
http://www.dclug.org.uk

http://www.biglumber.com/x/web?qs=0x8801094A28BCB3E3
