problem signing with a smart card
NIIBE Yutaka
gniibe at fsij.org
Thu Jan 21 08:50:37 CET 2016
On 01/21/2016 02:54 PM, Tzafrir Cohen wrote:
> $ gpg2 --home $PWD --list-secret-keys
> /home/tzafrir/gpgtest/secring.gpg
> ---------------------------------
> sec 4096R/19765111 2013-08-08 [expires: 2023-08-06]
> uid Tzafrir Cohen <tzafrir at debian.org>
> uid Tzafrir Cohen <tzafrir at cohens.org.il>
> uid Tzafrir Cohen <tzafrir.cohen at xorcom.com>
> ssb> 3072R/0325A0CE 2014-09-29
> ssb> 3072R/AFFB7FAE 2014-09-29
> ssb> 3072R/07DAF838 2014-09-29
> ssb 2048R/BBB53C25 2016-01-21
>
> gpg2 --card-status shows keys matching to those three keys.
In the above example, you have a primary key and four sub keys. How
three keys are on your card? Please don't omit the output of gpg2
--card-status. That's mostly important to answer your question(s).
It seems that you would confuse the capability of OpenPGPcard. It has
three key slots, but the usage is defined as: sign, decrypt, and
authentication.
When you store your private key to signing slot, you can sign.
When you store your private key to decryption slot, you can decrypt.
When you store your private key to authenticationslot, you can
authenticate (say, with SSH).
I mean, you can only store a single signing key on your card.
--
More information about the Gnupg-users
mailing list