Re: card-sized 4 Kbit RSA Smartcard recommendation with 3 slots

[Andrew Gallagher]

On 04/04/2019 16:10, Peter Lebbing wrote:
> I don't expect 4k RSA to be very snappy, though. You might want to
> reconsider your choice of algorithm and/or length.

On the v2.1 Zeitcontrol cards, 4096 bit RSA takes a couple of seconds
per operation. This is fine if you're just doing bits and pieces, but
when using it heavily, e.g. as an ssh auth method over ansible, it can
get *very* sluggish.

-- 
Andrew Gallagher



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: card-sized 4 Kbit RSA Smartcard recommendation with 3 slots

[Peter Lebbing]

On 04/04/2019 14:06, Thomas Glanzmann wrote:
> I'm looking for a recommendation for a cardsized 4 kbit RSA smartcard
> with 3 keyslots

Well, the ZeitControl card, which was the first OpenPGP Card on the
market, is now at version 3.3 which would seem to support what you ask
for.[1] I have no personal experience, I do have v2.0 cards (and v1.1).

I don't expect 4k RSA to be very snappy, though. You might want to
reconsider your choice of algorithm and/or length.

> At the moment I use yubikey but I aquired a laptop with a smartcard
> reader that I would like to use in order to free up an USB slot.

Be warned that there are many cardreaders that will not work with larger
keys (where "larger" can already mean 2k) or even work reliably at all
with free software. So your mileage may vary a lot.

HTH,

Peter.

[1] 


-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users