import key to smart cards

koladina koladina at web.de
Tue Oct 5 13:18:00 CEST 2010


Hello eyeryone,

I´ve got a special question concerning GnuPG and smart card
My question is: How can I import a (sec-pub-)key which was
generated on a crypto stick (containing an integrated smart card)
into another crypto stick? A crypto stick like:
http://www.privacyfoundation.de/crypto_stick/crypto_stick_english/

Normaly it should work by using the keytocard-command:
http://www.gnupg.org/howtos/card-howto/en/ch05.html#id2523191
But in my case (and I guess I´m not the only one) the process can´t
conclude. See my example here:

___________________________

office:~ home$ gpg2 --edit-key F4C8....
gpg (GnuPG/MacGnuPG) 2.0.14; Copyright (C) 2009 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

pub  2048R/F4C8....  created:  2010-02-17 expires: never   usage: SC
                     trust: ultimate      validity: ultimate
sub 2048R/DAE5.... created: 2010-02-17 expires: never      usage: A
sub 2048R/BD84.... created: 2010-02-17 expires: never 	usage. E
[ultimate] (1). <my at mailaddress.org>

Command> toggle
sec   2048R/F4C8.... created:  2010-02-17 expires: never
			   card number:0006 000002FD
ssb 	2048R/DAE7.... created:  2010-02-17 expires: never
			   card number:0006 000002FD
ssb  	2048R/BD84.... created:  2010-02-17 expires: never
			   card number:0006 000002FD
(1) name <my at mailadress.org>

Command> keytocard
Really move the primary key? (y/N) y
Signature key ....: E5B0 AA49 39A0 01D1 29A9  9042 28D4 524A 2AB4 7879
Encryption key....: 93CF AB4A AD27 DEC3 986E  C90F 2AEB 898F F651 78AC
Authentication key: BA48 357B 5E13 9D2A 4E14  AEB7 07A6 51FA 53CD 0819

Please select where to store the key:
   (1) Signature key
   (3) Authentication key
Your selection? 3

gpg: WARNING: such a key has already been stored on the card!

Replace existing key? (y/N) y

gpg: secret key is already stored on a card

Command>
_____________________________

The problem seems to be either that GnuPG blocks importing the key
because the key is already stored on another card. Or GnuPG „things“
the key is already stored on the card on which I want to import the key.
Is there a way to work with a trick in order to „persuade“ GnuPG to do
that nevertheless (to allow the key-import). Does anyone know the trick?

A big thanks in advance

Kola



More information about the Gnupg-users mailing list