openpgp card problem

Werner Koch wk at gnupg.org
Thu Jan 25 22:44:06 CET 2007


On Thu, 25 Jan 2007 17:54, j.lysdal at gmail.com said:

> Can i restore my public key with only the card?

You will be abale to create a key which can be used to decrypt stuff.
However it is not possible to exactly re-create the public key because
the signatures (including the self-signatures) are not stored on the
card.  so either send it to a keyserver or keep a local copy
soemwhere.  It is a good idea to put the key on some webpage and then
let the URL field (--edit-key) point to it.

> Do i need to backup my "secret key" from my local keyring or can i
> restore it from my card?

It is just a stub which tells gpg the number of the card so that gpg
can ask you to insert the corresponding card.  If no key is available,
gpg will create that stub automagically from the card. 

> In case im asked to type the admin pin, and i dont type anything, but
> just presses enter, will it result in 1 wrong attempt?

No.  There is a basic check done to assure that the PIN is at least 6
or 8 (for the Admin-PIN) characters long.  This check is done before
the PON is send to the card and thus it does not count as a wrong
attempt.

> Suppose i type the admin pin wrong 2 times, and the third time it is
> correct, will the "wrong pin" counter reset?

Yes.  But you better wait a few minutes to think about your PIN ;-)


Shalom-Salam,

   Werner




More information about the Gnupg-users mailing list