use policy of the GnuPG-card

Matthias Apitz guru at
Thu Jul 13 12:49:42 CEST 2017


I'm using the GnuPG card for signing, SSH, password-store (Firefox web passwords)
and locking un-locking the KDE desktop on card-insert or withdraw.
After resolving some technical (FreeBSD) issues, I now have it on daily
usage on my netbook and my workstation in the office.

One problem comes obviously in mind: Someone with priv access to your workstation,
for example IT personal, could relatively easy steal your passwords, just setting your
environment and waiting for the moment that you have unlocked the card with the PIN;
than he/she could run as root:

# GNUPGHOME=/home/guru/.gnupg-ccid export GNUPGHOME
# PASSWORD_STORE_DIR=/home/guru/.password-store export PASSWORD_STORE_DIR
# pass Business/cheese-whiz-factory
gpg: WARNING: unsafe ownership on homedir '/home/guru/.gnupg-ccid'

It would also not help to just withdraw the card after any short usage, for example to
fire up a SSH session. The attacker could just sit in background waiting for this short moment,
which is long enough to copy all your passwords in to clear mode and send them away.

How is this supposed to be managed?


Matthias Apitz, ✉ guru at, ⌂  ☎ +49-176-38902045
Public GnuPG key:
8. Mai 1945: Wer nicht feiert hat den Krieg verloren.
8 de mayo de 1945: Quien no festeja perdió la Guerra.
May 8, 1945: Who does not celebrate lost the War.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: </pipermail/attachments/20170713/800ea5bd/attachment-0001.sig>

More information about the Gnupg-users mailing list