Debian64, gnupg-2.0.19, gpg-agent problems
Peter Koellner
peter at asgalon.net
Mon Nov 26 12:56:09 CET 2012
On Mon, 26 Nov 2012, Werner Koch wrote:
> On Fri, 23 Nov 2012 16:58, peter at asgalon.net said:
>
>> I am configuring a crypto-stick for use with 4096 bit RSA keys and have run into two problems that look as if they are related to gpg-agent.
>
> 4096 bit RSA OpenPGP smartcards do not yet work with released GnuPG
> versions. There is a reason why the cards have an imprint of 3072 ;-).
Ah. It does not seem to get easier... ;-)
I recently got some requests from interested people who wanted to
start using gnupg regularly, but a few first experimental steps showed that
it was not quite that easy compiling a set of best practices for a layman to
follow. So I thought I check out how it works with a USB crypto token, and
so I just followed the claim that the card is capable of 4096 bit RSA
encryption using gpg 2.0.19 - not that I needed maximum security keys that
badly...
Basically, it seems to work now somehow with a combination of gpg2 and gpg1,
but the tutorial might as well be suitable as a scary campfire story ;-)
So if I do interpret this correctly, should it work without any hassle
with 3072 bit RSA keys with either gpg1 or gpg2? Or what type of keys
would you recommend if I wanted to give someone with basic linux experience
and a need for a reasonable level of communication privacy an USB token and
a few pages with instructions how to configure and use it, so they would not
be in danger of tripping over their own feet sooner or later?
--
peter kollner <peter at asgalon.net>
More information about the Gnupg-users
mailing list