cache-timeout not working with smartcard
peter at digitalbrains.com
Fri Dec 18 09:35:08 CET 2009
I would also like the features requested in this thread: having the card locked
again after a decryption/authentication and the possibility to easily unplug and
replug an ID-000 reader.
Werner Koch wrote:
> If you are talking about malware on your box, nothing will help you.
> You don't have any control anymore on your box. The only advantage
> you have is that the bot needs to wait until you enter the PIN the
> next time and then it can replay the PIN as needed. Oh, you are using
> a pinpad reader - well in this case the malware just et you sign
> something it is interested in and not what you assume.
This is also about physical access. If I use the smart card and leave the
workstation for a moment (and forget to lock the card again), somebody can sit
down at my workstation and happily decrypt my gpg files and use ssh to log in to
Sure, physical access can cause lots of trouble, but it takes more time and
effort than just typing "ssh interesting-host". I don't feel comfortable about it.
>> 2. Couldn't scdaemon be configured to also access the signature key on
>> the card every time, even if only the authentication or encryption key
>> is needed?
> Why would you want to do that? See above.
I'm not really convinced about the security of this method anyway. Access
control should be at the card. However, how about powering down _and_up_ the
card after every auth/decrypt? Configurable, of course. That way, PIN entry can
start immediately when the next auth/decrypt turns up, without the delay of
powering up and initialising the card (actually, the delay has been moved to the
moment after the previous use).
PS: I also use the internal CCID driver.
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt
(new, larger key created on Nov 12, 2009)
More information about the Gnupg-users