gpg --card-status

Felix E. Klee felix.klee at inka.de
Sat Dec 30 23:30:39 CET 2023 

Example output with line numbers:

    01 Reader ...........: Yubico YubiKey CCID 00 00
    02 Application ID ...: D2760001240103040006186980150000
    03 Application type .: OpenPGP
    04 Version ..........: 3.4
    05 Manufacturer .....: Yubico
    06 Serial number ....: 18698015
    07 Name of cardholder: [not set]
    08 Language prefs ...: [not set]
    09 Salutation .......:
    10 URL of public key : [not set]
    11 Login data .......: [not set]
    12 Signature PIN ....: not forced
    13 Key attributes ...: rsa4096 rsa4096 rsa4096
    14 Max. PIN lengths .: 127 127 127
    15 PIN retry counter : 3 0 3
    16 Signature counter : 0
    17 KDF setting ......: off
    18 Signature key ....: 7A0F E73D DB74 4F0F 9734  1DA7 1BE3 49D1 1B6E
       D589
    19       created ....: 2023-06-29 03:50:43
    20 Encryption key....: DBBD 3239 D0F1 4326 808D  FC8F 7CC0 2D68 D2E3
       1736
    21       created ....: 2023-06-29 03:50:43
    22 Authentication key: 7A0F E73D DB74 4F0F 9734  1DA7 1BE3 49D1 1B6E
       D589
    23       created ....: 2023-06-29 03:50:43
    24 General key info..: pub  rsa4096/1BE349D11B6ED589 2023-06-29
       Felix E. Klee (YubiKey) <yubikey at f76.eu>
    25 sec>  rsa4096/1BE349D11B6ED589  created: 2023-06-29  expires:
       never
    26                                 card-no: 0006 18698015
    27 ssb>  rsa4096/7CC02D68D2E31736  created: 2023-06-29  expires:
       never
    28                                 card-no: 0006 18698015
    29 ssb#  rsa4096/32B106F6877CC64B  created: 2023-11-22  expires:
       never

Lines 18, 20, 22: Fingerprint. I read somewhere that this a hash of the
key. But of which one? The public key? The private key? What hash
function?

Line 25: “sec>” means secret primary key. Where does the key ID come
from? Is it read from the card? Or it read from the public key ring on
disk?

Line 27: “ssb>” means secret sub key.

Line 29: “ssb#” means secret sub key, but without the matching secret
key on the card. This I just learned from Ingo Klöcker in another
thread.

If there is any authoritative documentation, please let me know! So far,
I’ve puzzled the info together, piece by piece from various resources on
the web.

More information about the Gnupg-users mailing list