Deleting a smart card secret key stub from the secret keyring
Wouter Verhelst
w at uter.be
Mon Apr 11 14:13:18 CEST 2016
Hi,
I recently bought an OpenPGP smart card, and am now evaluating before
deciding whether to move my secret key to the card. To that end, I've
generated (and destroyed, by way of "gpg2 --edit-card"'s factory-reset
command) a number of keys.
However, I noticed that the factory-reset doesn't delete the secret key
stub from my secret keyring; and now I get this:
wouter at gangtai:~$ LC_ALL=C gpg2 --delete-secret-key b36c8212
gpg (GnuPG) 2.1.11; Copyright (C) 2016 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
sec rsa4096/B36C8212 2016-04-02 Wouter Verhelst (Debian)
<wouter at debian.org>
Delete this key from the keyring? (y/N) y
This is a secret key! - really delete? (y/N) y
gpg: deleting secret key failed: Not possible with a card based key
gpg: deleting secret subkey failed: Not possible with a card based key
gpg: deleting secret subkey failed: Not possible with a card based key
gpg: b36c8212: delete key failed: Not possible with a card based key
How do I tell GnuPG that this secret key is no longer in existence, and
that it should remove it from its list of secret keys? I've removed it
from the card, and I didn't create a backup copy (since this was only a
test key, after all).
I suppose I could just wipe out my entire secret keyring, but I'd rather
not do that, since it contains my production GPG keys...
--
< ron> I mean, the main *practical* problem with C++, is there's like a dozen
people in the world who think they really understand all of its rules,
and pretty much all of them are just lying to themselves too.
-- #debian-devel, OFTC, 2016-02-12
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: </pipermail/attachments/20160411/99082fe2/attachment.sig>
More information about the Gnupg-users
mailing list