Yubikey keytocard: "Bad secret key"

Valentin Cocaud v.cocaud at gmail.com
Mon Nov 4 15:36:35 CET 2019

On Feb 18, 2019; 12:09pm, Peter Lebbing wrote:
> Maybe it has stopped doing that now,
> and you need to do:
> $ gpg --card-edit
> [...]
> gpg> key-attr
> to select the desired key length before keytocard.
> At the moment, I don't have a version with key-attr at hand to quickly
> test myself.


I have tested this for you with my Yubikey 5 NFC.
It worked like a charme. I can now move my 4096 RSA keys to my Yubikey
without any problem.

You have to enter in admin to enable `key-attr` command in the gpg console:

$ gpg --edit-card
gpg/card> admin
gpg/card> key-attr

Perhaps a more explicit error message could be a good thing.


Sent from: http://gnupg.10057.n7.nabble.com/GnuPG-User-f3.html

More information about the Gnupg-users mailing list