>> The eToken is basically a smartcard that plugs into USB. > I still don't really understand the difference apart from it containing > a key that I match against. Which is in essence what I was asking to > do with a USB block device which looks much cheaper than the eToken.
Typically, the difference is that it's not just a key you can read, but instead the key is kept hidden inside the smartcard and you can only ask the smartcard to use the key. Think of it this way: you can ask the smartcard to decrypt some encrypted data you provide, and if it succeeds, it proves to you that it knows the secret key. But you can't directly read the secret key, which means you can't easily copy the smartcard. Real smartcards probably don't work the way I described, but I hope it gives you some idea of how a smartcard can be different from a plain USB mass storage holding a secret key. Stefan -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/jwvipxuyd94.fsf-monnier+gmane.linux.debian.u...@gnu.org