Same key on different smart cards

Hauke Laging mailinglisten at
Thu Dec 13 10:43:56 CET 2012

Am Do 13.12.2012, 08:43:53 schrieb Richi Lists:

> But as far as I understand, for eMail signing and decryption, it needs
> to be the same key on all cards.

I have not checked that but I don't think so. Wouldn't make sense. When using 
key A, why should gpg-agent care, where key B is stored?

> I set up two crypto sticks to contain the same sub keys. But the unique
> id of the card seems to be stored in the private key stub
> (~/.gnupg/secring.gpg). Thus if I try to use the second card, I get an
> error telling me to insert the correct card.

What do you want? The signing key on one smartcard, the decryption key on the 
other? If so, why have you stored both keys on the same card?

> Is it possible to manage the same identity with multiple smart cards?

That is a different problem. This is not directly supported by GnuPG but 
possible by a workaround: After changing the smartcard you can delete the 
secret keys and register the smartcard afterwards. Then the card reference is 

PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (seit 2012-11-04)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 572 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20121213/f7a4ccdf/attachment.pgp>

More information about the Gnupg-users mailing list