making a Debian Live CD for managing GnuPG master key and smartcards
Dashamir Hoxha
dashohoxha at gmail.com
Tue Apr 26 12:52:47 CEST 2016
On Tue, Apr 26, 2016 at 9:53 AM, Daniel Pocock <daniel at pocock.pro> wrote:
>
> There has been some discussion on debian-devel[1] about making a
> bootable Debian Live CD specifically for GnuPG
>
> The benefit is that everything on the CD is self-contained, it can't be
> tampered with, it can run without network support in the kernel and the
> workflow would be controlled by a script. All the details, including
> workflow, are described in a wiki[2]
>
> I have some questions about this:
>
> - has anybody already seen anything like this? Nobody likes
> re-inventing the wheel
>
> - can we call all the necessary GnuPG commands from a script without the
> user interacting directly with GnuPG, using "--batch" / unattanded
> operation? The sequence of commands involved would be similar to this
> blog[3]
>
> - what would be the preferred way for the GUI to obtain and keep the
> master key passphrase without prompting the user to re-enter it for
> every operation?
>
> - would anybody else like to suggest improvements to the workflow?
>
A project similar in goals (simplifying GnuPG by automating tasks and
emphasising best practices) is this one: https://github.com/dashohoxha/egpg
You can find the answer to some of the questions above by looking at its
code.
But I really think that you can incorporate it in your project, maybe
extending it with new workflows that it doesn't have yet (related to using
smartcards etc.).
In my opinion, the first thing to be done is to build a .deb package for
it, so that it can be installed easily on all Debian derived systems, then
you can also use it in your special Live CD system.
This is the task about it: https://github.com/dashohoxha/egpg/issues/19
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20160426/adbc63c0/attachment.html>
More information about the Gnupg-users
mailing list