How do I make the private key on a OpenPGP smartcard non exportable ?

NdK ndk.clanbo at
Mon Jun 17 23:31:52 CEST 2013

Il 17/06/2013 20:22, T L ha scritto:
> Under GPA in windows there is a option to backup the private key from a
> OpenPGP smartcard.
The smartcard protocol of a standard OpenPGP card doesn't allow it.
MyPGPid card will allow a controlled export.

> My understanding is that one of the main purposes of
> smartcard use is to prevent the private key from being exported and
> force cryptographic operations through the card.
Roughly speaking, yes.

> Is there a method of
> setting the private key non exportable that I am unaware of ?
If the key is generated on-card, you have no way to backup it. No need
for "unexportable" flag: simply there's no command to export it.

> If not then what am I missing ?
The whole point of using a smartcard? :)

> How is this more secure than a password protected file ?
Since the key is never available to the host, there's no way a malicious
software can copy it.


More information about the Gnupg-users mailing list