Issues with primary key & subkeys on different smartcards
pete at heypete.com
Sat Sep 7 00:08:43 CEST 2013
On Thu, Sep 5, 2013 at 8:35 PM, Pete Stephenson <pete at heypete.com> wrote:
> I wish to have a single private key file in my GnuPG keyring that
> includes stubs to the primary key on smartcard #1 and the subkeys on
> smartcard #2. This way, if I need to certify a public key belonging to
> someone else I will be prompted to insert smartcard #1. If I wish to
> sign a message or decrypt an encrypted message sent to me I will be
> prompted to insert smartcard #2.
Quick followup: I was also able to create the correct private key with
stubs pointing at both smartcards by loading the actual private keys
onto the smartcard using "keytocard", as expected.
However, I'm unable to re-create this file starting only with the
public key and running "gpg2 --card-status" for each card. It seems
like running "gpg2 --card-status" for each card should be able to
create the stubs, but if there's already a stub associated with a
particular smartcard, then running "gpg2 --card-status" doesn't seem
to have any effect other than to display the card info.
Put simply: running "gpg2 --card-status" will create one stub pointing
at the card, but running that command again with a different card only
displays the card info and doesn't add any additional stubs. This
seems inconsistent and not what I would expect.
Sorry again for the really long previous message.
More information about the Gnupg-users