OpenPGP card usage
Ede Wolf
listac at nebelschwaden.de
Mon Nov 2 21:24:23 CET 2009
> I admit this is a bit odd,
No, it's a pretty natural question. I had the same idea
> Now when I take the card to another computer, with an empty keyring,
> shouldn't I be able to make use of my private key stored on the card?
Wishful thinking. Unfortunately it does not work that way. At least from what
I have experienced so far.
You need the corresponding public key imported before usage on that new
machine/account and run a gpg2 --card-status afterwards to make the key on
the card known to gnupg. AFAIK there is no option like --keyring=smartcard
So next to the card you also need an usb stick to transport the public key,
when using the smartcard on a different account/machine.
Not sure wether this is also true for S/MIME. But that would probably need a
different kind of smartcard and there is no up to date documentation that I
am aware of what recent PKI/X509 cards are properly supported by linux. And
maybe you are bound to gnupg anyway.
> What am I doing wrong?
You are too optimistic about the usage of a smartcart with gnupg ;) However, I
am pretty new to this topic, too, so maybe some more experienced user will
correct me.
More information about the Gnupg-users
mailing list