keytocard doesn't move key

Hartmut Henkel hartmut_henkel at
Wed Apr 5 22:22:03 CEST 2006


using an SCR335 card reader with gnupg 1.4.3 under debian-sarge AMD64 i
can do

gpg --card-edit
> generate
> list

which generates new keys on the smartcard fine and puts them also into
file secring.gpg. But then trying to move the secret key to the
smartcard by

gpg --edit-key
Befehl> toggle
Befehl> keytocard

does _not_ work: The newly generated secret key persists in secring.gpg.
E. g. i can do --export-secret-key without smartcard. Gpg tells:

Really move the primary key? (y/N) y
Wählen Sie den Speicherort für den Schlüssel:
   (1) Unterschriften-Schlüssel
   (3) Authentisierungs-Schlüssel
Ihre Auswahl? 1

gpg: WARNING: such a key has already been stored on the card!

Vorhandenen Schlüssel ersetzen? (j/N) j
gpg: geheimer Schlüssel ist bereits auf einer Karte gespeichert

When i delete the secret key manually from secring.gpg, the secret key
on the card won't be found, probably as the "stub" is missing in

So the question is: How can i get the secret key away from the
secring.gpg and still have the stub so that the secret key is requested
then from the smartcard?

Thanks a lot for any hints.

Regards, Hartmut

More information about the Gnupg-users mailing list