Open PGP cards and backup

Andreas Liebschner fizban at
Fri Sep 9 12:48:07 CEST 2005


I'm still playing with my card ;-)

Just in case my fellowship card breaks up, I wanted to test the
bkuptocard process. So I stick another openpgp card in the reader and
--edit my key, run bkuptocard /path/to/sk_*.gpg

Apparently it successfully imports it, but however I still see the old
card' s/n under "General key info..:". In fact, I can't sign anything
because I'm asked for the other card. (I obviousy save before quitting gpg)

I the tried to "addcardkey", and it creates the new subkey on the new
card, however I'm always asked for the old one, to sign the new key I
guess. The newly created key gets properly marked as "being on" the new

So, am I doing something wrong? For what I could understand from the man
pages, it should update that kind of information, so that I could use
this new card with the old backed up key. I also tried keytocard, but it
fails stating that a secret key is already on the card (which is true,
but shouldn't I be able to change the secret key like that, if I enter
my pins and all?)

And, is there any way for someone to "empty" the card from all the keys
stored, after entering the admin pin or something? If it isn't possible,
is it a "missing feature", or an actual feature?


Andreas Liebschner

More information about the Gnupg-users mailing list