|
Size: 6083
Comment:
|
Size: 1640
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| <<TableOfContents>> | #language en ## page was renamed from TechDocs/Card_howtos ## page was renamed from TechDoku/Card_howtos ## page was renamed from Migrated/Card_howtos |
| Line 3: | Line 6: |
| Here you can find our howtos for setting up your computer to use your the [[Crypto_Card| Fellowship crypto card]]. | {{{#!wiki warning '''Historical page''' |
| Line 5: | Line 9: |
| == Setting up your card reader on GNU/Linux (udev) == | This page is largely historical. The FSFE does not offer smartcards any more. }}} |
| Line 7: | Line 12: |
| This howto has been moved to [[Card_howtos/Card_reader_setup_(udev) | another page]] | Here you can find our howtos for setting up your computer to use your the [[FellowshipSmartCard|Fellowship smart card]]. |
| Line 9: | Line 14: |
| == Setting up your card reader on GNU/Linux (hotplug) == | |
| Line 11: | Line 15: |
| Alexander Finkenberger, Karsten Gerloff, Fernanda Weiden, Georg Greve - Monday 28 November 2005 | Basic setup: Of course, you need [[http://www.gnupg.org|GnuPG]], either `gpg` or `gpg2` will do. We recommend to install `gpg-agent` and `scdaemon` as well. Depending on your system, you may need to configure udev (or hotplug, its predecessor on older systems) to work with your card reader. If `gpg --card-status` (or `gpg2 --card-status`) shows your card’s contents on a freshly booted system, such configuration should not be necessary. * [[/CardreaderSetup | Quick setup for Linux systems]] * [[/CardreaderSetup_(udev)|Setting up your card reader on GNU/Linux (udev)]] * [[/CardreaderSetup_(hotplug)|Setting up your card reader on GNU/Linux (hotplug)]] |
| Line 13: | Line 20: |
| '''This howto describes how to set up your smart card reader for use with the Fellowship crypto card on GNU/Linux systems using hotplug functionality.''' | |
| Line 15: | Line 21: |
| '''Please note:''' This is only an introductory document, aimed at a generic hard- and software setting involving GNU/Linux. For a full-length description please see the [[http://www.gnupg.org/howtos/card-howto/en/smartcard-howto.html | full-length Fellowship crypto card Howto]]. If you run into problems specific to your GnuPG setup, you may want to read other GnuPG Howtos. |
Using the card: |
| Line 18: | Line 23: |
| === What do you need to use the card? === | * [[/CardWithSubkeysUsingBackups|Using the card with subkeys (recommended)]] * [[/SshGnome|Getting gpg-agent and ssh to work on GNOME systems]] * [[/SshOpenSuse|Getting gpg-agent and ssh to work on OpenSUSE systems]] |
| Line 20: | Line 27: |
| * A smart card reader. A list of tested readers can be found [[http://www.gnupg.org/howtos/card-howto/en/ch02s02.html | here]]. * Root privileges on your GNU/linux system. * GnuPG 1.4.2 or higher. |
Outdated howtos: * [[/CardWithSubkeys|Using the card with your subkey without backups (not recommended)]] * [[/CardWithMainKey|Using the card with your main key (not recommended)]] |
| Line 24: | Line 31: |
| === Setting up the card reader === | Howtos for proprietary systems: * [[/WindowsXP|Using the card on Windows XP]] |
| Line 26: | Line 34: |
| First of all, you will need to download two files for hotplug and copy them to the hotplug configuration directory, in order to let it identify your card reader: * gnupg-ccid.usermap * gnupg-ccid Now, open a terminal and become root (you will be asked for your root password): {{{ $ su - }}} On Ubuntu systems, you should run (and then you will be asked for the user password): {{{ $ sudo su - }}} Then you will have to move the files from the directory you have saved them to, to the hotplug configuration directory: {{{ # cd /home/directory/where/you/saved/the/file (change for the right path) # cp gnupg-ccid.usermap /etc/hotplug/usb/gnupg-ccid.usermap # cp gnupg-ccid /etc/hotplug/usb/gnupg-ccid # chmod +x /etc/hotplug/usb/gnupg-ccid }}} All the configuration files are in the right place and with the right permissions by now. You will now create a group scard, give this group permission to access the smart card reader, and include the users who should have access to the card reader to this group. {{{ # addgroup scard # addgroup yourusername scard (change for the right username) # exit (to logout the root user) }}} '''Done! Your smart card reader should be working now.''' If you want to take a look on what you have in your card, plug-in the smart card reader, insert your Fellowship crypto card, and type: {{{ $ gpg --card-status }}} ''Feel free to to improve this howto!'' Licensed under the [[http://www.gnu.org/licenses/fdl.html | GNU FDL]] == Using the card with your main key (not recommended) == gerloff <gerloffSPAMFILTER@fsfe.org> - Wednesday 14 September 2005 '''This Howto gives very basic instructions for generating a GnuPG key and setting up your computer for use with the Fellowship card.''' You can use your card for several purposes. Since most people will want to use it for mail signing and encryption, this is what we're going to talk about here. This document tries to guide you through the process of setting up your Cryptocard and getting it to do what you want it to do in a not-too-technical fashion. For a start, we will only consider the situation where you generate a new GnuPG key to put onto your Cryptocard. This is the case for people who are using GnuPG for the first time. '''Please note:''' This is only an introductory document, aimed at a generic hard- and software setting involving GNU/Linux. For a full-length description please see the [[https://www.fsfe.org/card/full-length | Card Howto]] . If you run into problems specific to your GnuPG setup, you may want to read other GnuPG Howtos . === What do you need to use the card? === * You will need something to stick your card into: A smartcard reader. There are several on the market. Pick the one that best suits your needs. (Advice: The SCR 335 is small and portable, but crashes very frequently unless connected via an USB hub. And its firmware cannot be upgraded.) * Since you are going to install programs, you will need root privileges on your computer. * You will also need an installation of GnuPG 1.4.2 or higher on your computer. Debian and Ubuntu GNU/Linux users can get this on the command line via $apt-get install gnupg. All others please refer to the GnuPG download section for information and download links. === Generating a key for your card === First set up your card reader by following our card reader howto (hotplug). For newer systems, please follow the card reader howto (udev) To modify the contents of your card, use the following command: {{{ $ gpg --card-editGnuPG }}} will start again, this time giving you its own command line and awaiting your orders. You can now start to generate your own GPG key and copy it onto the card. First, enter the GnuPG's administrator mode: {{{ command> admin }}} Then, tell GnuPG to generate a key for you: {{{ command> generate }}} You will be asked if you would like to make an off-card copy of the encryption key. It is useful to say yes here. Choose if your key should expire after a certain time. Now you are asked for your real name, your email address and a comment (you don't have to enter a comment). Then confirm your information with "o". When you are asked for a passphrase, leave it blank. Now you should be able to use your Smartcard the usual way one would use GnuPG, but instead of typing in a passphrase you have to enter the PIN. Have a lot of fun with your Fellowship card! == Using your Card with subkeys only (recommended) == This howto has been moved [[Card_howtos/Card_with_subkeys | here]]. == Using your card on Mac OS X == Attention: Mac OS X is a non-free operating system!!! [[http://www.py-soft.co.uk/~benjamin/download/mac-gpg/ | cryptocard on Mac OS X]] |
|
| Line 114: | Line 36: |
CategoryCardHowtos |
[[Category/HowTo]] |
Historical page
This page is largely historical. The FSFE does not offer smartcards any more.
Here you can find our howtos for setting up your computer to use your the Fellowship smart card.
Basic setup: Of course, you need GnuPG, either gpg or gpg2 will do. We recommend to install gpg-agent and scdaemon as well. Depending on your system, you may need to configure udev (or hotplug, its predecessor on older systems) to work with your card reader. If gpg --card-status (or gpg2 --card-status) shows your card’s contents on a freshly booted system, such configuration should not be necessary.
Using the card:
Outdated howtos:
Howtos for proprietary systems: