Extending Expiration dates of gnupg keys with the private key residing on a smart card
nonsense at graumannschaft.org
Mon Apr 10 10:46:57 CEST 2017
This is a retake of a stackexchange.com question, wheree so far noone
chimed in ... http://stackoverflow.com/q/43296285/2103880
I had setup a working smart card setup, where the local key ring solely
contained public subkeys and secret keys resided on a smart card.
Conservatively I set the expiration date to 1 year.
The setup worked nicely and as the keys approached there expiration
date, I proceeded as follows to attempt to extend their expiration
1) Kill running gpg-agent:
2) Import offline master key (backup):
gpg --import <KEYID>.master.key
3) Edit expiry of subkeys (pubkey):
gpg --expert --edit-key <KEYID>
- toggle keys 1, 2, 3 (sign, encrypt, authentication)
- expire: 1y
4) Remove secret master keys:
gpg --delete-secret-keys <KEYID>
As a result the keys remain unavailable (expired?) to all means I
intent to use them with (kmail/kgpg/kleopatra, evolution/seahorse,
Where did I go wrong and how may I recover?
Thanks for any pointers.
More information about the Gnupg-users