gnupg 'signing server'? Looking for advice on key management/security
Stephan Verbücheln
verbuecheln at posteo.de
Mon Nov 13 10:29:40 CET 2023
His original post was about signing files, not reading encrypted mails.
Of course, everything gets complicated when you want to read the same
mails from many devices.
What would be the point of such a server? Having a server like that
appears dangerous to me. How is it protecting the key better than a
smartcard?
The smartcard is convenient for precisely that scenario, you can carry
it in your pocket and use it on any device. And the Agent Forwarding
allows you to use the key on servers without physical access.
On Mon, 2023-11-13 at 09:04 +0100, Alexander Leidinger wrote:
> I'm interested to hear about a Android App which supports yubikeys
I rarely read (encrypted) mails on my phone. However, K-9 Mail plus
OpenKeychain (each available in Google Play and F-Droid) support
Yubikey (and probably any other OpenPGP smartcard) via both USB and NFC
on my Samsung phone.
https://docs.k9mail.app/en/6.400/security/pgp/
I do not like webmail, but as far as I know there are various browser
addons for PGP in webmail.
https://mailvelope.com/
Regards
Stephan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: This is a digitally signed message part
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20231113/5d95e019/attachment.sig>
More information about the Gnupg-users
mailing list