Hi Jimmy,

Jimmy Kaplowitz wrote:

> I currently access my email via mutt over SSH, and therefore my private
> key is currently stored on that remote server. I am fully aware how bad
> of an idea this is, and so if what I ask above is possible, I plan to
> move my private key to a secure offline location, put subkeys on a
> smartcard that I take with me, and forward access to them over SSH to
> the remote email server for routine use. Hopefully I'm not the only one
> who wants this.

People who are serious about security would probably like to have the crypto done by the smartcard itself, or at least the computer they are sitting in front of. Therefore a better setup would be to have the encrypted data transmitted from your distant ssh host to your local host for decryption, and decrypted data sent back to your ssh host for use (or just viewed locally).

If you are just using mutt in your remote ssh shell, you could configure manually something along these lines:

1. connect to your remote ssh host using remote port forwarding, with -R4242:localhost:4242

2. on your local host, run something like this in an interactive shell:

  while true; do nc -l 4242 | gpg ; done

3. configure your remote mutt to send the encrypted data to port 4242 on the same host, so that it gets forwarded back via your ssh connection.


This way your local gpg will get its input from the remote mutt.

I did not test this, but you get the idea.

--
Raphael
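
The local end of the relay described in the message above, as an added example that is not part of the original post: it listens on loopback port 4242, pipes each incoming message to `gpg --decrypt`, and also returns the plaintext over the same connection. The names `make_listener`, `serve_once` and `request_decrypt` are hypothetical, the size limit is an assumed value, and any local user on the remote host can reach the forwarded port, so the PIN or passphrase prompt on the local machine is the only gate on each decryption.

```python
import socket
import subprocess

# Assumption: 4242 matches the -R4242:localhost:4242 forward from the message.
PORT = 4242
GPG_CMD = ["gpg", "--decrypt"]   # key or smartcard access stays on the local host
MAX_BYTES = 10 * 1024 * 1024     # assumed cap on one incoming message

def make_listener(port=PORT):
    """Listen on loopback only, so just the SSH forward can reach it."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.bind(("127.0.0.1", port))
    s.listen(1)
    return s

def serve_once(listener, decrypt_cmd=GPG_CMD, max_bytes=MAX_BYTES):
    """Accept one connection, decrypt its input, reply with the plaintext."""
    conn, _ = listener.accept()
    with conn:
        buf = b""
        while True:
            data = conn.recv(65536)
            if not data:               # sender half-closed: message complete
                break
            buf += data
            if len(buf) > max_bytes:   # refuse unbounded input
                return False
        proc = subprocess.run(decrypt_cmd, input=buf,
                              stdout=subprocess.PIPE, check=False)
        if proc.returncode != 0:       # decryption failed: send nothing back
            return False
        conn.sendall(proc.stdout)
        return True

def request_decrypt(ciphertext, port=PORT):
    """Remote-host side: send ciphertext into the forward, read the reply."""
    with socket.create_connection(("127.0.0.1", port)) as c:
        c.sendall(ciphertext)
        c.shutdown(socket.SHUT_WR)     # signal end of message
        out = b""
        while (d := c.recv(65536)):
            out += d
        return out

if __name__ == "__main__":
    listener = make_listener()
    while True:
        serve_once(listener)
```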

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users