GPG, subkeys smartcard and computer
andrewg at andrewg.com
Sun Feb 19 11:24:10 CET 2017
> On 19 Feb 2017, at 08:41, Stefano Tranquillini <stefano.tranquillini at gmail.com> wrote:
> wait, If i've a subkey E (called E1) and I lose it (e.g. it was on the smartcard).
> Can't I create a new E (called E2) from my master and decrypt the data? Or the data encrypted are decriptable only by the exact E (E1 in this case) that was used to encrypt it?
You need the *exact* subkey. This is why I make such a big deal about backups! Subkeys are not "created from" the primary, but completely at random. If you create a new subkey it will be completely different from any previous ones. Attaching the subkey to a primary is just a statement saying "don't use the primary key, use this subkey instead". The keys are not mathematically related. This is a feature! ;-)
> Can't I export the subkeys to a file and backup that file and then move the keys to the card? Will I be able to restore the keys if they get lost?
Easier to just back up the entire .gnupg directory. Why complicate the restore process?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnupg-users