Local PAM authentication with OpenPGP Card (was Re: PAM authentication with gpg or ssh key)
gniibe at fsij.org
Thu Oct 1 08:06:06 CEST 2015
On 09/30/2015 07:54 PM, Peter Lebbing wrote:
> So that's my scenario. I'm just expressing my idea of what would be
> cool. If you decide to work on authentication with OpenPGP cards, this
> is an idea for one way of using it.
Thank you for explanation. I could imagine the use case for
OpenPGPcard authentication for local sudo (or remote sudo). I guess
that this can be done by pam module for SSH authentication by
ssh-agent. If really needed, we could write new pam module doing
similar by connecting gpg-agent (instead of socket for ssh).
Although I have a bit of experience with Poldi, frankly speaking, I
don't quite understand the need for local login authentication with
OpenPGPcard. For me, if I do some access control for my own PC, it
would be better to consider removing keyboard from a PC, or securing
access to the room where I have a PC.
Anyway, I do understand now, there are some needs for local login
authentication with OpenPGPcard.
Thank you, again.
More information about the Gnupg-users