Debian64, gnupg-2.0.19, gpg-agent problems

Peter Koellner peter at asgalon.net
Mon Nov 26 12:56:09 CET 2012


On Mon, 26 Nov 2012, Werner Koch wrote:

> On Fri, 23 Nov 2012 16:58, peter at asgalon.net said:
>
>> I am configuring a crypto-stick for use with 4096 bit RSA keys and have run into two problems that look as if they are related to gpg-agent.
>
> 4096 bit RSA OpenPGP smartcards do not yet work with released GnuPG
> versions.  There is a reason why the cards have an imprint of 3072 ;-).

Ah. It does not seem to get easier... ;-)

I recently got some requests from interested people who wanted to
start using gnupg regularly, but a few first experimental steps showed that 
it was not quite that easy compiling a set of best practices for a layman to 
follow. So I thought I check out how it works with a USB crypto token, and 
so I just followed the claim that the card is capable of 4096 bit RSA 
encryption using gpg 2.0.19 - not that I needed maximum security keys that 
badly...

Basically, it seems to work now somehow with a combination of gpg2 and gpg1,
but the tutorial might as well be suitable as a scary campfire story ;-)

So if I do interpret this correctly, should it work without any hassle 
with 3072 bit RSA keys with either gpg1 or gpg2? Or what type of keys 
would you recommend if I wanted to give someone with basic linux experience 
and a need for a reasonable level of communication privacy an USB token and 
a few pages with instructions how to configure and use it, so they would not
be in danger of tripping over their own feet sooner or later?

-- 
peter kollner <peter at asgalon.net>



More information about the Gnupg-users mailing list