key capabilities usage meanings
wk at gnupg.org
Mon Apr 11 16:12:49 CEST 2005
On Sun, 10 Apr 2005 08:51:23 -0400, J Wren Hunt said:
> Is there any public documentation on how to implement this? The only way
> I've seen thus far to implement this is to use patched versions of the
> SSH daemon which I'm rather loathe to do if there's an
> easier/more-supported way. Thx!
The CVS version of gnupg 1.9 supports this by providing a replacement
for the ssh-agent. There is one problem though: As of now you can't
use gpg (1.4) with smartcards and the gpg-agent with smartcards at the
same time, becuase both demand exclusive access to the reader. Its
pretty annoying and I am actually working on solving it.
If you don't need a background ssh process (i.e. from a cron job)
there is an ugly workaround: Give gpg-agent a HUP before using gpg,
so that gpg-agent will release access to the reader.
More information about the Gnupg-users