Local PAM authentication with OpenPGP Card (was Re: PAM authentication with gpg or ssh key)

NIIBE Yutaka gniibe at fsij.org
Thu Oct 1 08:06:06 CEST 2015


On 09/30/2015 07:54 PM, Peter Lebbing wrote:
> So that's my scenario. I'm just expressing my idea of what would be
> cool. If you decide to work on authentication with OpenPGP cards, this
> is an idea for one way of using it.

Thank you for explanation.  I could imagine the use case for
OpenPGPcard authentication for local sudo (or remote sudo).  I guess
that this can be done by pam module for SSH authentication by
ssh-agent.  If really needed, we could write new pam module doing
similar by connecting gpg-agent (instead of socket for ssh).

Although I have a bit of experience with Poldi, frankly speaking, I
don't quite understand the need for local login authentication with
OpenPGPcard.  For me, if I do some access control for my own PC, it
would be better to consider removing keyboard from a PC, or securing
access to the room where I have a PC.

Anyway, I do understand now, there are some needs for local login
authentication with OpenPGPcard.

Thank you, again.
-- 



More information about the Gnupg-users mailing list