smartcard key change

Peter Lebbing peter at digitalbrains.com
Wed Jan 2 12:31:10 CET 2013


On 02/01/13 11:05, Fabio Coatti wrote:
> Replace existing key? (y/N) y
> gpg: secret key already stored on a card
> 
> [...]
> My guess is that gpg flags every subkey sent to card with the card
> number and checks the number when requested to install it again... but
> is there any way to tell gpg to clear that card number field?

It doesn't just flag the secret key as stored on card, the secret key in your
keyring is /replaced/ by a stub that just says the key is stored on the card. So
your secret keyring no longer contains the secret key.

You will need to recover the secret material from a backup.

At least, I am fairly sure this is the case. I have not tried it out since I
don't want to screw up the keys on my smartcards :).

You say we are talking about a signing key here, so you could also just generate
a new signing key.

Good luck,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>



More information about the Gnupg-users mailing list