using a smartcard without keytocard

Hauke Laging mailinglisten at
Mon Mar 22 05:11:36 CET 2010


I have just bought a gnupg smartcard, copied my subkeys to it, and it works. I 
have been using a key on several computers. Now I want the other systems to 
use the smartcard, too, so that I can delete the private keys there. The 
content of the smartcard is shown by --card-status and I could even use the 
authentication key for an SSH connection.

For SSH connections gpg-agent looks at tha smartcard by default but it does 
not for normal key lookup. I just get an error message (something like "no 
private key found") if I delete the private keys.

Is there an "official" way to tell gpg to use the smartcard? Anything except 
copying the keys to the card again (executing keytocard on all systems)?

I had the idea that exporting the secret keys on the system which initialized 
the smartcard might work. But for convenience I decided not to use the 
smartcard at home so I imported the secret keys there...

BTW: Does it make sense that the smartcard number is stored with the secret 
key stub after the keytocard command? I haven't tried but I guess that copying 
the same key to another card wouldn't work.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 555 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20100322/65a3fe17/attachment.pgp>

More information about the Gnupg-users mailing list