Changing usage of master key
Resul-Cetin at gmx.net
Fri May 15 12:30:27 CEST 2009
I generated a new RSA cert/sign key. Default is to use it as sign and cert,
but I wanted to use a seperated sign subkey and use the master key only for
cert stuff. Is it possible to change it afterwards and how to do it? I have no
fear of hex editors and unix commandline tools. My first idea is to switch a
bit somewhere in a `gpg --export` and then reimport it to do a resign of the
key and upload it again to a key server.
Is there now a good way to move a subkey between two keys? The method
described at http://atom.smasher.org/gpg/gpg-migrate.txt don't work because in
the step "resign using the expire trick" doesn't work. I cannot see a usage
behind the short output of the `key` command in --edit-key and when I try to
save it after the resign, gpg will end with 2 as return code (I would assume
that the key and its subkey wasn't saved). A export and reimport afterwards
removes the "moved" key.
Can you please cc me, because I am not subscribed to the mailing list (but
will look at the archives from time to time).
More information about the Gnupg-users