problem signing with a smart card

Andrew Gallagher andrewg at
Thu Jan 21 15:47:27 CET 2016

On 21/01/16 14:27, Antoine Michard wrote:
> So, what is the best to do ?? Restard my masterkey from scratch (nobody
> sign my key...) or delete my subkey on my card and copy my new subkey
> like you said ??

You shouldn't need to regenerate your master key, unless something else
is wrong with it ;-). Just revoke the subkey you created on the
smartcard, overwrite the smartcard key with a newly generated key
(making sure NOT to "save" afterwards, see previous email) and republish.

Maybe try the process out with a new temporary key to be sure you're
doing it right (don't publish it, of course).

> PS2: I can do the same with my authentication key, because if my key is
> compromise, my SSH server don't know it ! Right?

Yes. In addition, if you want the ssh server to automatically update
your auth subkeys as you create and revoke them, you could try
installing monkeysphere.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20160121/1425e3d8/attachment-0001.sig>

More information about the Gnupg-users mailing list