Keyring on external encrypted drive

Pete Stephenson pete at heypete.com
Thu May 23 18:22:13 CEST 2013


On Thu, May 23, 2013 at 5:59 PM, NdK <ndk.clanbo at gmail.com> wrote:
> Il 23/05/2013 17:37, Zece Anonimescu ha scritto:
>
>> Anyway, would a onscreen keyboard would help against a keylogger?
> Nope. I heard of keyloggers that take a snapshot of the screen at click
> time. If you are so concerned about security, use a smartcard inserted
> in a reader w/ pinpad -- but I don't know if such a reader will work
> with OpenPgpCard.

The card reader + pinpad sold at
http://shop.kernelconcepts.de/product_info.php?cPath=1_26&products_id=61
claims to be supported with GnuPG >1.4.0 so it should work fine.

> And even then, you'd need a patched card that accepts a single PSO for
> every PIN entry...

The standard OpenPGP smartcard has an option that, when enabled,
prompts for a PIN for every signature. It's probably a useful thing to
enable. It does not have an option (as far as I know, please correct
me if I'm wrong) to prompt for a PIN for every decryption operation.

-- 
Pete Stephenson



More information about the Gnupg-users mailing list