El día viernes, agosto 04, 2017 a las 01:59:57p. m. +0200, Werner Koch escribió:
> On Wed, 2 Aug 2017 15:52, roman.fied...@ait.ac.at said: > > > How to decrypt large files, e.g. gpg-encrypted backups, without copying > > them to the machine with the GPG private key? > > With GnuPG 2.1 this is easy: You use ssh's socket forwarding feature to > forward gpg-agent's restricted remote socket, for example > > /run/user/1000/gnupg/S.gpg-agent.extra > > to the host and there you run gpg which will then connect back to the > agent on your desktop. For details see > > https://wiki.gnupg.org/AgentForwarding But this implies that everyone with priv access on the remote host could abuse your secret key on your localhost, especially when a GnuPG-card is used and you entered the PIN to unlock the secret key. I'm wrong? matthias -- Matthias Apitz, ✉ g...@unixarea.de, ⌂ http://www.unixarea.de/ ☎ +49-176-38902045 Public GnuPG key: http://www.unixarea.de/key.pub 8. Mai 1945: Wer nicht feiert hat den Krieg verloren. 8 de mayo de 1945: Quien no festeja perdió la Guerra. May 8, 1945: Who does not celebrate lost the War.
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users