Migrating to Smartcards

Marco Steinacher marco+gnupg at websource.ch
Thu Sep 1 13:32:22 CEST 2011

On 30.08.2011 20:40, Werner Koch wrote:
> On Tue, 30 Aug 2011 17:54, richard at r-selected.de said:
>> keytocard, restore the backup, insert card #2, issue keytocard again.
>> Will that cause any problems in later GnuPG use as the cards' IDs are
> Possible.  It will be easy to disable the check or - if the second
> card is used as a backup - to generate a new key -stub with the new
> serial number.  It is not cryptographically locked.

I use two smartcards with the same keys. When I switch from one card to
the other, I run the following script:

-- switch-card.sh --
echo "Removing and re-importing secret key stubs"
gpg --delete-secret-key <KEYID>
gpg --card-status

echo "Removing key from private-keys files (used by ssh-agent)"
rm -v ~/.gnupg/private-keys-v1.d/<LONGID>.key

That works perfectly for me.


OpenPGP Key ID: 0x62937F7F

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 554 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20110901/d076f231/attachment.pgp>

More information about the Gnupg-users mailing list