Use multi-usage key in authentication slot on HW-key for encryption
Felix Mayr
felix.mayr at tum.de
Sat Apr 16 09:10:58 CEST 2022
So, I decided to use a Yubikey to store my GPG-subkeys. Using the
smartcard functionality I can store 3 different subkeys and so thought
that I could actually store some multi-usage key
(authentication/encryption) there so I can have per-key-encryption for
private-data (notably passwords with pass). However, while I can use the
main encrpytion key in "slot 2" just fine, I can't decrypt with the
"multi"-purpose key stored in the yubikey anymore (yes, I'm using
--try-all-secrets).
Is this a limitation of the smartcard standard or just an opioniated
choice in GPG or am I doing something wrong? If it's not possible with
the smartcard: can I use the PIV-mode of the yubikey for that purpose?
Regards,
Felix
More information about the Gnupg-users
mailing list