content of private-keys-v1.d

Damien Goutte-Gattat dgouttegattat at
Wed Feb 8 13:31:25 CET 2017

On 02/08/2017 12:13 PM, Marko Bauhardt wrote:
> You mean that this “stub” contains no information which can be use to
> sign/decrypt/authenticate?

Yes. The stub contains only the serial number of the smartcard on which
the private key is stored.

> Or in other words in case someone steal this key, he/she can nothing
> do with that particular key, only in case the GPG key is located on
> a smartcard?

The stub is completely useless without the corresponding smartcard, yes.

> But if the key is not on the smart card this corresponding key can
> be use to sign/enc/auth?

If the key is not on a smartcard, then the file contains the whole
private key. Note, however, that the key is stored in an encrypted form,
which means that stealing the file is not enough: your attacker would
also need to know your passphrase to make any use of the key.

> I can not really find some detailed documentation of the
> `private-keys-v1.d` folder. Do you have some docu?

I don't think it has really been documented. I guess the source code 
*is* the documentation.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170208/4c1e9776/attachment.sig>

More information about the Gnupg-users mailing list