Felix E. Klee wrote:
After I unlock an OpenPGP SmartCard V2.1 in my SPR332 [mod][1], I can
use it to decrypt as many files as I want. While this is convenient, it
is not great if the system is compromised and I forget to unplug the
card reader.
Is there any way to limit how long the OpenPGP SmartCard remains
unlocked?
Does your smartcard reader have its own keypad for entering the PIN? If
not and you are concerned about a possible system compromise, you have
bigger problems, like the possibility for your smartcard PIN to be
stolen as you enter it. If you then leave the card in the reader,
Mallory can abuse it at his leisure. Even if you only insert the card
when you intend its use, Mallory could plant malware that waits for the
card to be inserted, then abuses it.
-- Jacob
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users
