Different subkeys and the use of a SmartCard
Christopher Beck
beckus at beckus.eu
Sun Dec 21 01:26:02 CET 2014
On Sunday 21 December 2014 00:46:40 Christopher Beck wrote:
> Hi,
>
> On Sunday 21 December 2014 00:20:47 Hauke Laging wrote:
> > Am Sa 20.12.2014, 19:20:23 schrieb Christopher Beck:
> > > Third and last, thought it makes sense for gpg to use the newest sub
> > > key only (especially for the signing sub key), is there a possibility
> > > to force gpg to use a specific sub key? This question could manually
> > > solve question number two and could be useful for me on educational
> > > purposes (for example to show, what happens, if an older, perhaps
> > > revoked or expired, sub key is being used).
> >
> > That is possible but AFAIK only via gpg command line parameters. I am
> > not aware of any configuration file magic which would enforce this if gpg
> > is called by another program (mail client) or gpgme is used.
> >
> > If 0x11111111 is the old subkey and 0x22222222 the new one and
> > 0x88888888 the main key then you would usually call gpg this way:
> >
> > gpg --local-user 0x88888888 --sign file
> >
> > Instead you can do this:
> >
> > gpg --local-user 0x11111111! --sign file
> >
> > Please note the "!".
> >
> >
> > Hauke
>
> I tried that. And thank you!
>
> First, I tried to make an alias. This worked well for every application
> which uses gpg als a command line tool: $ alias gpg='gpg --local-user
> 0x11111111!'
>
> Second (and working for everything) was adding the line "local-user
> 0x11111111!' to the gpg.conf file! This should also work on any Windows
> host, since the method mentioned above only works on unix lie OSs.
>
> Thank you again for mentioning that option!
>
> Beckus
Sorry for this second mail, but it does not work well. It signs on the
commandline and everywhere, but using this configuration for mail clients, they
just stop sending the whole signated message... Well, I hope there is a
solution without the need of some wrapper around gpg...
Beckus
--
Christopher Beck
Gerhart-Hauptmann-Str. 1
91058 Erlangen
Tel.: 09131 / 9245437
Fax.: 09131 / 8148708
Jabber: beckus at jabber.org
EPVPN: (+49 221 59619) - 5232
More information about the Gnupg-users
mailing list