Keyring on external encrypted drive

Zece Anonimescu zece at riseup.net
Wed May 22 14:01:10 CEST 2013


Pete Stephenson:
> Depending on your exact needs, you may find an OpenPGP smartcard to be
> a better choice -- once the private key or keys are loaded onto the
> card you can do all the normal operations (e.g. signing, decrypting,
> etc.), but the keys cannot be extracted from the card (barring bad
> guys with advanced means of disassembling microchips and reading out
> their contents). All the private key operations are conducted on-card
> and the keys never leave the card. If you need to, you can delete the
> keys from the card but you can't access or copy them from the card.

Are they pregenerated? Or it's up to me to create and erase them?

> See http://g10code.com/p-card.html for a description of the card. You

Only 2048bits lenght.

> can buy it and the appropriate reader from
> http://shop.kernelconcepts.de/index.php?cPath=1_26&sort=2a&language=en
> . I've had good luck with the SCR-335 reader on both Windows and
> several Linux distributions.

It's sad even this kind of hardware shares the fate of video cards or
wifi sticks. This shouldn't be luck but open drivers and firmware. After
all one can understand Adobe for being such a pain, otherwise people
won't feel a need to buy their product. But for hardware people the game
is so much different because people can't download their products from
warez sites. And hiding the latest tweak is also stupid because there
are patents to protect them.

But thank you for the pointers. And € priced store is handy.



More information about the Gnupg-users mailing list