problem signing with a smart card
Andrew Gallagher
andrewg at andrewg.com
Thu Jan 21 15:47:27 CET 2016
On 21/01/16 14:27, Antoine Michard wrote:
>
> So, what is the best to do ?? Restard my masterkey from scratch (nobody
> sign my key...) or delete my subkey on my card and copy my new subkey
> like you said ??
You shouldn't need to regenerate your master key, unless something else
is wrong with it ;-). Just revoke the subkey you created on the
smartcard, overwrite the smartcard key with a newly generated key
(making sure NOT to "save" afterwards, see previous email) and republish.
Maybe try the process out with a new temporary key to be sure you're
doing it right (don't publish it, of course).
> PS2: I can do the same with my authentication key, because if my key is
> compromise, my SSH server don't know it ! Right?
Yes. In addition, if you want the ssh server to automatically update
your auth subkeys as you create and revoke them, you could try
installing monkeysphere.
A
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20160121/1425e3d8/attachment-0001.sig>
More information about the Gnupg-users
mailing list