Limit access to unlocked OpenPGP SmartCard?
Jacob Bachmeyer
jcb62281 at gmail.com
Fri Jan 28 03:28:55 CET 2022
Felix E. Klee wrote:
> After I unlock an OpenPGP SmartCard V2.1 in my SPR332 [mod][1], I can
> use it to decrypt as many files as I want. While this is convenient, it
> is not great if the system is compromised and I forget to unplug the
> card reader.
>
> Is there any way to limit how long the OpenPGP SmartCard remains
> unlocked?
>
Does your smartcard reader have its own keypad for entering the PIN? If
not and you are concerned about a possible system compromise, you have
bigger problems, like the possibility for your smartcard PIN to be
stolen as you enter it. If you then leave the card in the reader,
Mallory can abuse it at his leisure. Even if you only insert the card
when you intend its use, Mallory could plant malware that waits for the
card to be inserted, then abuses it.
-- Jacob
More information about the Gnupg-users
mailing list