Different subkeys and the use of a SmartCard

Hauke Laging mailinglisten at hauke-laging.de
Sun Dec 21 00:20:47 CET 2014

Am Sa 20.12.2014, 19:20:23 schrieb Christopher Beck:

> Third and last, thought it makes sense for gpg to use the newest sub
> key only (especially for the signing sub key), is there a possibility
> to force gpg to use a specific sub key? This question could manually
> solve question number two and could be useful for me on educational
> purposes (for example to show, what happens, if an older, perhaps
> revoked or expired, sub key is being used).

That is possible but AFAIK only via gpg command line parameters. I am 
not aware of any configuration file magic which would enforce this if gpg 
is called by another program (mail client) or gpgme is used.

If 0x11111111 is the old subkey and 0x22222222 the new one and 
0x88888888 the main key then you would usually call gpg this way:

gpg --local-user 0x88888888 --sign file

Instead you can do this:

gpg --local-user 0x11111111! --sign file

Please note the "!".

Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 603 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20141221/377aa686/attachment.sig>

More information about the Gnupg-users mailing list