-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all!
I would like to use my O.card to securely hold an encryption key to be used by the Linux "crypto filesystem". This fs uses an utiulity "losetup" at startup which asks for a passphrase/keyword to be used as encryption/decryption key. losetup can be configured to use a file descriptor to read this info from a file. OK. Next thing is: I don't want to let the card do all the encryption ;-) (I think it would be a little bit slow... although the key would stay savely inside the card...) Next thing (which works here), was to use a gpg encrypted file containing the passphrase(es) and doing something like "cat ~/.crypto-fs-key.gpg|gpg -q --decrypt -r 0xdeadbeef 2>/dev/null" but one problem was gpg spitting out these "Please insert...." and "PIN" info on stdout, and I'm not very comfortable with my passwords lying around on the disks... (altough they *are* encrypted). What I would like would be to pull out some secret key (or plain data) and handle it over to losetup directly. I know that then the key can no longer be viewed as secure as it leaves the card, but that would be ok for me. Anyone who thought about a scenario like this? TIA. Salut, Jörg - -- gpg/pgp key # 0xd7fa4512 fingerprint 4e89 6967 9cb2 f548 a806 7e8b fcf4 2053 d7fa 4512 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) iD8DBQFCY8ka/PQgU9f6RRIRAtRLAKCcUWd5bciKrlgBoYbkqZIMyXO9iQCeNq5J puPvoTIxUYDv9BA4BD1B+X8= =aqrB -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users