Re: Why a full keys and sub keys backup are not proposed when keys and sub keys are done on-card ?
On Sun, 27 Sep 2009 20:59, tux.tsn...@free.fr said: Thanks for your answer, I'm agree with you for sign key, but for the authentication key, if it's used to ssh server connection on more than 100 servers for the user root for example, if you lost this key, you It is always a tradeoff between security and convenience. Most users don't have access to that many machines and thus it is easier to use a console login to replace the lost key than to have a backup somewhere floating around. It is anyway only the default and you can just replace the authentication key with an on-disk created one. Or manually initialize the card using keytocard. Another approach is to have a second card and also install its public key on the servers. Salam-Shalom, Werner -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Why a full keys and sub keys backup are not proposed when keys and sub keys are done on-card ?
Hi Werner, Thanks for these informations. Best Regards - Mail Original - De: Werner Koch w...@gnupg.org À: tux tsndcb tux.tsn...@free.fr Cc: gnupg-users@gnupg.org Envoyé: Lundi 28 Septembre 2009 09h34:28 GMT +01:00 Amsterdam / Berlin / Berne / Rome / Stockholm / Vienne Objet: Re: Why a full keys and sub keys backup are not proposed when keys and sub keys are done on-card ? On Sun, 27 Sep 2009 20:59, tux.tsn...@free.fr said: Thanks for your answer, I'm agree with you for sign key, but for the authentication key, if it's used to ssh server connection on more than 100 servers for the user root for example, if you lost this key, you It is always a tradeoff between security and convenience. Most users don't have access to that many machines and thus it is easier to use a console login to replace the lost key than to have a backup somewhere floating around. It is anyway only the default and you can just replace the authentication key with an on-disk created one. Or manually initialize the card using keytocard. Another approach is to have a second card and also install its public key on the servers. Salam-Shalom, Werner -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
poldi logon screen
Hi all, This is the last functionnaly than I've to setup. I'm on debian squeeze with limpam-poldi 0.4.1-2, I can logon with my smartcard, so poldi is ok, but I've the normal debian logon screen, not the poldi screen like this : http://www.g10code.com/graphics/poldi-screenshot-gdm.png So my question, how to have this logon screen ? Thanks in advanced for your answer. Best Regards. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
