gpg --card-status always create proxy private keys

NIIBE Yutaka gniibe at
Mon Feb 13 09:03:54 CET 2017

Alon Bar-Lev <alon.barlev at> writes:
> This is a change in behaviour, I believe resulted by this[1] commit.
> Everytime gpg --card-status is executed the proxy private keys at
> ~/.gnupg/private-keys-v1.d/ are created, also if no matching public
> key in gpg.
> It has the side effect of having duplicate keys when trying to
> generate keys using gpg --card-edit without actually re-generate the
> key on the card (return the same keygrip).
> As a result usage of scd which only capable of reusing keys such as
> PKCS#11 is now broken.

I don't understand your description above.  Could you elaborate?

BTW, the change which introduce creating a shadow key by --card-status
is this (not the one you addressed):

commit f3f9f9b2844c35f7942ee904d5222523615cdad4
Author: Werner Koch <wk at>
Date:   Fri Dec 12 12:35:45 2014 +0100

    gpg: Let --card--status create a shadow key (card key stub).

More information about the Gnupg-devel mailing list