key capabilities usage meanings

Werner Koch wk at gnupg.org
Mon Apr 11 16:12:49 CEST 2005


On Sun, 10 Apr 2005 08:51:23 -0400, J Wren Hunt said:

> Is there any public documentation on how to implement this? The only way
> I've seen thus far to implement this is to use patched versions of the
> SSH daemon which I'm rather loath to do if there's an
> easier/more-supported way. Thx!

The CVS version of gnupg 1.9 supports this by providing a replacement
for the ssh-agent.  There is one problem though: As of now you can't
use gpg (1.4) with smartcards and the gpg-agent with smartcards at the
same time, because both demand exclusive access to the reader.  It's
pretty annoying and I am actually working on solving it.

If you don't need a background ssh process (i.e. from a cron job)
there is an ugly workaround:  Give gpg-agent a HUP before using gpg,
so that gpg-agent will release access to the reader.

Stay tuned.


Salam-Shalom,

   Werner



