Quoting Matthias Apitz <g...@unixarea.de> (from Tue, 9 May 2017 11:47:29 +0200):


The GnuPG project has a list of supported (USB) card readers:


Any comments or experiences about which of them are supported in FreeBSD 12-C?
Best would be the smallest one to carry it all day in the bag.

It's not FreeBSD which needs the support. gnupg comes with the drivers, FreeBSD only needs to see "a device on the bus", that's enough.

Check out the ports security/opensc amd devel/libccid (and gnupg needs to be build with the SCDAEMON option of the port). This will bring in the pcsc-lite port as a depedency. Those are the "drivers" for USB card readers if you want to use them beyond what gnupg will do.

You need to pay attention that the card reader support "extended APDUs" (or support for digital signatures, which is more likely to be announced in marketing material from the vendor). It may be OK without extended APDUs if you only use OpenPGP v2 cards and generate the keys/certs on the card itself, but if you want to go for bigger keys than documented to work on the cards (I was able to put 4k-keys on the OpenPGP v2 cards) the extended APDUs are needed. If the reader is CCID compatible, the libccid driver will probably work. You can use the opensc and pcsc-lite tools to transfer certs to the card which you created with openssl (e.g. 4k keys).


http://www.Leidinger.net alexan...@leidinger.net: PGP 0x8F31830F9F2772BF
http://www.FreeBSD.org    netch...@freebsd.org  : PGP 0x8F31830F9F2772BF

Attachment: pgpK4xoerpunU.pgp
Description: Digitale PGP-Signatur

Reply via email to