Configure PGP on an ePass2000

In this final section of this tutorial, we will detail how to configure PGP for token usage.

Requirements

In order to use 'PGP on a token', you need:

• An ePass2000 cryptographic token, obviously
• PGP 8, any paid-for version. The freeware version will not work.

It it also assumed that the token has been formatted and that the drivers for the token are installed.

Configuration of PGP

First of all, open the PGPKeys application and go to the advanced tab of the options dialog.

Go to the Smart Card Support drop down box and select Other.

Enter the location of the ePass pkcs#11 dynamic link library, which is by default installed in c:\windows\system32\ep2pk11.dll. Click close twice and your PGP is ready to use the token.

Generating a key on the token

First, open the new key creation wizard.

Click on Expert

Enter the required name and e-mail address and select the 'Generate key on Smart Card' checkbox.

After waiting for about 30 seconds, the key has been generated on the smart card and you are ready to use it.

Using it

Use PGP normally as you would do when the private key is in the private key file on your hard disk. When asked to enter the passphrase, enter the pin code of the token instead.

PGP will automatically detect when the token is taken out of the USB port and put back in. Below are two screenshots showing the difference in PGPKeys: in the first the token is in the USB port, in the second it has been removed, showing that PGP at that point only knows about the public key.