Yubikey keytocard: "Bad secret key"
Peter Lebbing
peter at digitalbrains.com
Mon Feb 18 12:09:36 CET 2019
On 18/02/2019 06:51, Farhan Khan via Gnupg-users wrote:
> This was it, loading a 2048-bit key works just fine
> Thanks Andrew!
First of all, I think it's a much better idea to generate a 2048-bit key
anyway, so it worked out okay.
But the problem is interesting. Before --card-edit gained its key-attr
command, GnuPG would do the correct key-attr stuff automatically to
switch to the desired key length. Maybe it has stopped doing that now,
and you need to do:
$ gpg --card-edit
[...]
gpg> key-attr
to select the desired key length before keytocard.
At the moment, I don't have a version with key-attr at hand to quickly
test myself.
HTH,
Peter.
--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190218/df3a9e01/attachment.sig>
More information about the Gnupg-users
mailing list