Second OpenPGP-card
Jacob Bachmeyer
jcb62281 at gmail.com
Tue Feb 27 01:40:26 CET 2024
Matthias Apitz wrote:
> [...]
> Said/showed that, I can't imagine that, when I SCP the file
> .password-store/test.gpg to another mobile with another OpenPGP card,
> that this system would be able to decrypt the file and reencrypt it
> again with the new card.

Correct. You must first copy the *new* public key to the *old* system
and re-encrypt the password store to *both* public keys on the *old*
system, then transfer the encrypted blobs to the new system.

If you want to continue to use both cards, you will also need to copy
the *old* public key to the *new* system and arrange for it to also
encrypt the password store to *both* keys. Once that is done, you may
use any method to synchronize the encrypted blobs between the systems
and you will have your passwords on both systems.

While you are here, this is a good time to remind you to regularly check
the list of public keys used with your password store. If Mallory can
sneak *his* key onto that list, he will be able to get your passwords!

-- Jacob
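
One way to automate the periodic recipient check recommended in the message above, as an added example that is not part of the original post or of the password-store tool: it lists the key IDs each encrypted blob is addressed to and flags any that are not on an allowlist. The function names are hypothetical, and the allowlist is assumed to hold the 16-hex-digit IDs of the *encryption subkeys* on both cards, since those are what GnuPG records in the message.

```shell
#!/bin/sh
# Added example: flag password-store blobs encrypted to unexpected keys.
# Relies on the `gpg --list-packets` line format, e.g.:
#   :pubkey enc packet: version 3, algo 1, keyid 0123456789ABCDEF

# Read `gpg --list-packets` output on stdin and print every recipient key ID
# that is not among the allowed key IDs passed as arguments (case-insensitive).
unexpected_recipients() (
    allowed=" $(printf '%s ' "$@" | tr 'a-f' 'A-F')"
    sed -n 's/^:pubkey enc packet:.* keyid \([0-9A-Fa-f]\{16\}\).*$/\1/p' |
    tr 'a-f' 'A-F' | sort -u |
    while read -r keyid; do
        case "$allowed" in
            *" $keyid "*) ;;               # expected recipient
            *) printf '%s\n' "$keyid" ;;   # unknown key, or all-zero hidden recipient
        esac
    done
)

# Walk a store directory and report each *.gpg file with unexpected recipients.
# Usage: audit_store STORE_DIR KEYID...    (exit status 1 if anything is flagged)
audit_store() (
    store=$1; shift
    status=0
    while IFS= read -r f; do
        [ -n "$f" ] || continue
        # --list-only: inspect the packets without attempting decryption
        bad=$(gpg --batch --list-only --list-packets "$f" 2>/dev/null |
              unexpected_recipients "$@")
        if [ -n "$bad" ]; then
            printf '%s: unexpected recipient(s): %s\n' "$f" "$(echo $bad)"
            status=1
        fi
    done <<EOF
$(find "$store" -type f -name '*.gpg')
EOF
    exit "$status"
)

# Run only when called with a store directory and at least one allowed key ID.
if [ "$#" -ge 2 ]; then
    audit_store "$@"
fi
```

This covers what the existing blobs are actually encrypted to; the recipient list that pass uses for new and re-encrypted entries is kept in the store's `.gpg-id` files, which should be reviewed as well.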