Primary and Signing Key on Different Smart Cards

Anton Marchukov anton at marchukov.com
Sun Nov 20 22:50:57 CET 2016


> You will need the private key on-disk *temporarily* while setting up the
> smartcards. But with Knoppix, that "disk" can be a RAM disk in the main
> memory of your computer, obliterated once you power it off.

I think you will have to keep it as backup too in case you will want
to add another smartcard with a new subkey to an existing key or not?

Although if air gaped machine is secure then encrypting backup using
the smartcard itself and removing the unencrypted copy will do the
trick as well.



More information about the Gnupg-users mailing list