using a smartcard without keytocard

David Shaw dshaw at jabberwocky.com
Mon Mar 22 21:40:48 CET 2010


On Mar 22, 2010, at 12:11 AM, Hauke Laging wrote:

> Hello,
> 
> I have just bought a gnupg smartcard, copied my subkeys to it, and it works. I 
> have been using a key on several computers. Now I want the other systems to 
> use the smartcard, too, so that I can delete the private keys there. The 
> content of the smartcard is shown by --card-status and I could even use the 
> authentication key for an SSH connection.
> 
> For SSH connections gpg-agent looks at the smartcard by default but it does 
> not for normal key lookup. I just get an error message (something like "no 
> private key found") if I delete the private keys.
> 
> Is there an "official" way to tell gpg to use the smartcard? Anything except 
> copying the keys to the card again (executing keytocard on all systems)?

Yes.  If I understand what you are asking, the easiest way to do this is to delete the secret key on those systems, then insert the card, and do a 'gpg --card-status'.  That recreates the secret key stub so GPG knows to look at the card for that key.

David
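
A way to confirm the result of the step described above, as an added example that is not part of the original thread: the functions below read `gpg --list-secret-keys --with-colons` output and report, per key, whether GnuPG holds a card stub or key material on disk. The sample listings, key IDs and card serial number are constructed, and treating an empty field 15 as "on disk" is an assumption made to stay conservative.

```shell
#!/bin/sh
# Added example: check where GnuPG thinks each secret key lives.
# Input: output of `gpg --list-secret-keys --with-colons`.
# Field 15 of a sec/ssb record (per GnuPG's doc/DETAILS):
#   card serial number -> stub pointing at a smartcard
#   "#"                -> stub only, secret part not available
#   "+"                -> secret key material stored locally
# An empty field is treated as on-disk here (conservative assumption
# for versions that do not print "+").
classify_secret_keys() {
    awk -F: '
        $1 == "sec" || $1 == "ssb" {
            if ($15 == "+" || $15 == "") where = "on-disk"
            else if ($15 == "#")         where = "missing"
            else                         where = "card:" $15
            print $1, $5, where
        }'
}

# Exit status 0 only when no secret key material remains on disk.
all_keys_off_disk() {
    ! classify_secret_keys | grep -q ' on-disk$'
}

# Constructed listings; key IDs and card serial are made up.
# Before cleanup: one subkey is on the card, one is still on disk.
SAMPLE_BEFORE='sec:u:2048:1:AAAAAAAAAAAAAAAA:1269000000::::::sc:::#:
ssb:u:2048:1:BBBBBBBBBBBBBBBB:1269000000::::::e:::D2760001240102000005000000010000:
ssb:u:2048:1:CCCCCCCCCCCCCCCC:1269000000::::::s:::+:'

# After deleting the secret key and running `gpg --card-status`:
# every subkey record carries the card serial number.
SAMPLE_AFTER='sec:u:2048:1:AAAAAAAAAAAAAAAA:1269000000::::::sc:::#:
ssb:u:2048:1:BBBBBBBBBBBBBBBB:1269000000::::::e:::D2760001240102000005000000010000:
ssb:u:2048:1:CCCCCCCCCCCCCCCC:1269000000::::::s:::D2760001240102000005000000010000:'

printf '%s\n' "$SAMPLE_AFTER" | classify_secret_keys
```

On a real system, pipe `gpg --list-secret-keys --with-colons` into `classify_secret_keys` in place of the sample text.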



