On Sun, 27 Sep 2009 20:59, tux.tsn...@free.fr said: > Thanks for your answer, I'm agree with you for sign key, but for the > authentication key, if it's used to ssh server connection on more than > 100 servers for the user root for example, if you lost this key, you
It is always a tradeoff between security and convenience. Most users don't have access to that many machines and thus it is easier to use a console login to replace the lost key than to have a backup somewhere floating around. It is anyway only the default and you can just replace the authentication key with an on-disk created one. Or manually initialize the card using keytocard. Another approach is to have a second card and also install its public key on the servers. Salam-Shalom, Werner -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users