gpg --card-status always create proxy private keys

Peter Lebbing peter at
Mon Feb 13 17:15:45 CET 2017

I'm not up to speed on all the fine detail. But perhaps there is a
different alternative that would work for you. GnuPG 2.1 has:

$ gpg2 --expert --edit-key [KEYID]
> addkey
Please select what kind of key you want:
   (3) DSA (sign only)
   (4) RSA (sign only)
   (5) Elgamal (encrypt only)
   (6) RSA (encrypt only)
   (7) DSA (set your own capabilities)
   (8) RSA (set your own capabilities)
  (10) ECC (sign only)
  (11) ECC (set your own capabilities)
  (12) ECC (encrypt only)
  (13) Existing key

Note option 13. You can use this to add an existing key from an OpenPGP
smartcard as well. So if you want to add existing keys from a card
infrastructure emulating an OpenPGP card, I think it could be integrated
in the same way you can, now with 2.1, add existing keys on real OpenPGP
cards. This was a workflow that didn't exist in 2.0.



I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170213/e6d309c8/attachment.sig>

More information about the Gnupg-devel mailing list