OpenPGP card usage

Ede Wolf listac at
Mon Nov 2 21:24:23 CET 2009

> I admit this is a bit odd, 

No, it's a pretty natural question. I had the same idea

> Now when I take the card to another computer, with an empty keyring,
> shouldn't I be able to make use of my private key stored on the card?

Wishful thinking. Unfortunately it does not work that way. At least from what 
I have experienced so far. 
You need the corresponding public key imported before usage on that new  
machine/account and run a gpg2 --card-status afterwards to make the key on 
the card known to gnupg. AFAIK there is no option like --keyring=smartcard
So next to the card you also need an usb stick to transport the public key, 
when using the smartcard on a different account/machine. 

Not sure wether this is also true for S/MIME. But that would probably need a 
different kind of smartcard and there is no up to date documentation that I 
am aware of what recent PKI/X509 cards are properly supported by linux. And 
maybe you are bound to gnupg anyway. 

> What am I doing wrong?

You are too optimistic about the usage of a smartcart with gnupg ;) However, I 
am pretty new to this topic, too, so maybe some more experienced user will 
correct me. 

More information about the Gnupg-users mailing list