Hi,
I have a usb smart card containing my subkeys and my master key is
stored offline on a usb disk.
When I list my secret keys while the usb disk is plugged in, I get:
sec ed25519/0xF72C652AE7564ECC 2018-07-09 [C] [expires: 2027-12-21]
Key fingerprint = 8E64 FBE5 45A3 94F5 D35C D202 F72C 652A E756 4ECC
Keygrip = 35A4020C4AFC2279CEE0BC36E2CEE4EFA8C6CFD5
uid [ultimate] Damien Cassou <damien at cassou.me>
uid [ultimate] Damien Cassou <damien.cassou at wolterskluwer.com>
uid [ultimate] Damien Cassou <damien.cassou at foretagsplatsen.se>
ssb> ed25519/0xB68746238E59B548 2018-07-09 [S] [expires: 2026-01-02]
Keygrip = C89E5AABCBF7142DBC26E68FB3121DE12DCBF4FF
ssb> cv25519/0x65CD5E0200C56C17 2018-07-09 [E] [expires: 2026-01-02]
Keygrip = 867EA9F6ADBEBE18ED98253B884F53CBD53C526B
ssb> ed25519/0xF36CF32DF9B09855 2018-07-09 [A] [expires: 2026-01-02]
Keygrip = 553D56865642B05AB3C5B62DC68795691702B960
As you can see, there is a '>' character before each subkey but not
before the master key. Someone on the web has a similar setup but
doesn't have the '>' before his subkeys [1].
Is that a problem? Am I missing something important? It seems this
causes me the troubles mentioned at [1].
Recently, I changed my usb smart card and kept the same keys so I
believe I have everything needed in some form.
My private master key is symlinked in ~/.gnupg/private-keys-v1.d:
$ ls -l ~/.gnupg/private-keys-v1.d/
…
35A4020C4AFC2279CEE0BC36E2CEE4EFA8C6CFD5.key -> /media/mystick/key
…
[1] https://github.com/pinpox/pgp2ssh/issues/6
--
Damien Cassou
"Success is the ability to go from one failure to another without
losing enthusiasm." --Winston Churchill