Creating key stubs from smartcard without public key
Felix Winterhalter
felix at audiofair.de
Mon Jul 25 12:08:30 CEST 2016
So I've recently started experimenting with a Yubikey.
I started off by creating an encryption subkey from my master key and
moving that to the Yubikey.
This worked fine until I moved to a different computer and tried using
it there.
It didn't automatically recognize the key on the card until I imported
my publickey as well.
As far as I understand public key encryption regenerating the public key
should always be possible
using the private key (which should be stored on the card).
My expected result would have been that gpg --card-status reads the card
and then imports all keys on the card
generating the public key associated on the fly for local use.
The situation gets even more complicated if I want to have an
authentication subkey on my Yubikey and not have it bound
to any specific master key (and certainly not publish it on any
keyservers).
How can I export the ssh key (using gpg --export-ssh-key) when trying to
do so using the key id yields:
gpg2 --export-ssh-key 0x5FECDB8C8311CB07!
gpg: key "0x5FECDB8C8311CB07!" not found: No public key
gpg: export as ssh key failed: No public key
Is there any way those public keys or key stubs can be created from the
keys stored on the Yubikey or any smartcard itself?
Best regards,
Felix
More information about the Gnupg-users
mailing list