Different subkeys and the use of a SmartCard

Hauke Laging mailinglisten at hauke-laging.de
Sun Dec 21 01:16:26 CET 2014

Am So 21.12.2014, 00:46:40 schrieb Christopher Beck:

I noticed that too late: You shall always reply to the list. Usually I 
demand a list reply first before I answer.

> First, I tried to make an alias. This worked well for every
> application which uses gpg als a command line tool: $ alias gpg='gpg
> --local-user 0x11111111!'

That is hard to believe for the simple reason that applications (even 
shell scripts) don't see shell aliases.

You would have to either replace the gpg binary with a wrapper script 
(which would be overwritten by every update) or put the wrapper script 
earlier in the PATH (for the relevant applications). The wrapper script 
would have to detect and replace

--local-user 0x11111111

in all variants (-u, long ID, fingerprint) and pass the changed parameter 
together with the unchanged rest to gpg.

I have suggested some time ago to make the config file conditional. There 
was little enthusiasm about that. For these rather simple case a new 
option would be sufficient:

--key-replace sign 0x88888888 0x11111111

But my suggestions are seldom turned info effect. Make a big donation. 

> Second (and working for everything) was adding the line "local-user
> 0x11111111!' to the gpg.conf file!

Interesting idea. But I assume that leads to each (i.e. not only those 
requested from 0x88888888) signature being not replaced but being 
extended by one from 0x11111111.

Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 603 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20141221/da382b9d/attachment-0001.sig>

More information about the Gnupg-users mailing list