I've been reading up on amgpgcrypt. There's surprisingly little, and surprisingly less current documentation on this little extra. I want to use amgpgcrypt, but I want to get it set up 1) so that backups are encrypted to multiple key pairs, and 2) so that the keys can be stored on smart cards and issued to backup operators on an as-needed basis. Unfortunately, I can't find any documentation on whether this setup is workable or not. So my question is this: Is this a workable solution? Should it be viable for a remote administrator to SSH in (forwarding their GPG agent, of course), and run some restore commands, being prompted at their local terminal for their smart card PIN, and successfully complete the restore, or is the script written in such a way as to make this an unworkable solution?
