The smart cards significantly increase the security of my keys and don’t require me to use long passwords to secure my GPG/SSH keys on my individual machines. If the administrative PIN is entered incorrectly the card is rendered inoperable or the key is destroyed (I’m not sure which). If the PIN is entered incorrectly three times the card is blocked and must be reset using the administrative PIN. To prevent unauthorized use the smart code requires the user provide a short PIN. ![]() Software can ask the smart card to perform cryptographic operations on its behalf without disclosing the key to the computer (in fact, there is no reasonable way to extract the private key from a smart card). Smart cards let you store the private key on a tamper resistant piece of hardware instead of scattered across various computers (where it can be accessed by other users of the machine, malicious software, etc). ![]() To mitigate this problem I used a strong password on each of these keys which makes actually using them annoying. ![]() I don’t like leaving secret keys on my work computer, work laptop, various home computers, etc. I use SSH daily (with SSH keys) and would like to use GPG routinely (if only people I conversed with would use it) but key management is always a problem.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |