Re: Use the same passphrase for PGP and SSH keys and get prompted only once by gpg-agent

2018-03-01 Thread Werner Koch
On Wed, 28 Feb 2018 15:02, w...@gnupg.org said: > Oh no, I don't want to promote create solutions of our complex API ;-) s/create/creative/ -- # Please read: Daniel Ellsberg - The Doomsday Machine # Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.

Re: openpgp smartcard: ssh auth speed vs. RSA key size

2018-03-01 Thread Werner Koch
On Thu, 1 Mar 2018 18:18, thomas.jaro...@intra2net.com said: > We found this while creating our keys with 4096 bit and now reverted to 2048 > bit. It's secure enough and the speed hit is almost not noticeable. With a gnuk token and an ed25519 key it will even be much faster than with an RSA

Re: [FEATURE REQ] Keygrips in --card-status

2018-03-01 Thread Werner Koch
On Thu, 1 Mar 2018 13:06, pe...@digitalbrains.com said: > So if --card-status would actually use the --with-keygrip option, it > would be much easier to look up the keygrip for an OpenPGP smartcard, Good suggestion. Here is the output you will see in 2.2.6 when --with-keygrip is used with

Re: Use the same passphrase for PGP and SSH keys and get prompted only once by gpg-agent

2018-03-01 Thread Ben McGinnes
On Wed, Feb 28, 2018 at 03:02:58PM +0100, Werner Koch wrote: > On Wed, 21 Feb 2018 07:27, b...@adversary.org said: > > >> No, there is no way to configure an extra hack to also test a passphrase > >> for an ssh key. > > > > Wanna bet? > > Oh no, I don't want to promote create solutions of our

openpgp smartcard: ssh auth speed vs. RSA key size

2018-03-01 Thread Thomas Jarosch
Hello together, here's an interesting observation on ssh auth speed when using different key sizes on the openpgp smartcard: RSA 2048 bit key: 0.7s RSA 4096 bit key: 3.1s Card used is an openpgp smartcard V3.3 with gnupg 2.2.4. The ssh key is accessed via gpg-agent. We found this while

Re: gnupg SmartCard V3.3

2018-03-01 Thread Werner Koch
On Thu, 1 Mar 2018 10:08, k...@glsys.de said: > I found this ct 2017-10 (German computer magazine) Article, > where they claim the reader to be working with the openpgp smartcard Version > 2.1 > by transferring precreated 4096-Bit keys. This is exactly what I am Well most drivers work on

Re: gnupg SmartCard V3.3

2018-03-01 Thread Klaus Römer
Thank you all for the support! The mail about needing support for the V3.3 cards in opensc pointed me in the right direction. I relied on the information that the V3.3 is backwards compatible to the V2.1 but this does not seem to be the case. Compiling a fresh gpg 2.2.5 with --enable-ccid-driver

[FEATURE REQ] Keygrips in --card-status (was: gpgsm --gen-key with key on smartcard)

2018-03-01 Thread Peter Lebbing
On 28/02/18 20:59, Werner Koch wrote: > But that is about gpg and not about gpgsm. Currently, it's not that easy to get the keygrip for an OpenPGP smartcard key. For keys for which the public part is available, it's: $ gpg --card-status Note desired KEYID $ gpg --with-keygrip -k $KEYID Find the

Re: gnupg SmartCard V3.3

2018-03-01 Thread Thomas Jarosch
Hello Klaus, On Thursday, 01 March 2018 10:08:14 CET Klaus Römer wrote: > This is my target device because it is built-in in our Laptops, > I found this ct 2017-10 (German computer magazine) Article, > where they claim the reader to be working with the openpgp smartcard Version > 2.1 by

Re: gnupg SmartCard V3.3

2018-03-01 Thread Klaus Römer
> On 28.02.2018 at 15:56, Werner Koch wrote: > > On Tue, 27 Feb 2018 01:04, k...@glsys.de said: > >> gpg2 --version is 2.1.11 > > That is a pretty old and somewhat buggy version which will likely have > problems with newer smartcards. > >> Tried gpg (GnuPG/MacGPG2) 2.2.3 >>

Re: Fwd: gnupg SmartCard V3.3

2018-03-01 Thread Matthias Apitz
On Thursday, March 01, 2018 at 09:14:15AM +0900, NIIBE Yutaka wrote: > Hello, > > Werner Koch wrote: > > @gniibe: Do you have any more up to date information on macOS and > > smartcard readers? > > If possible, I recommend to use GnuPG's in-stock driver to access >