Extending Expiration dates of gnupg keys with the private key residing on a smart card
Johannes Graumann
nonsense at graumannschaft.org
Mon Apr 10 10:46:57 CEST 2017
Hello,
This is a retake of a stackexchange.com question, wheree so far noone
chimed in ... http://stackoverflow.com/q/43296285/2103880
I had setup a working smart card setup, where the local key ring solely
contained public subkeys and secret keys resided on a smart card.
Conservatively I set the expiration date to 1 year.
The setup worked nicely and as the keys approached there expiration
date, I proceeded as follows to attempt to extend their expiration
date:
1) Kill running gpg-agent:
pkill gpg-agent
2) Import offline master key (backup):
gpg --import <KEYID>.master.key
3) Edit expiry of subkeys (pubkey):
gpg --expert --edit-key <KEYID>
- toggle keys 1, 2, 3 (sign, encrypt, authentication)
- expire: 1y
- save
4) Remove secret master keys:
gpg --delete-secret-keys <KEYID>
As a result the keys remain unavailable (expired?) to all means I
intent to use them with (kmail/kgpg/kleopatra, evolution/seahorse,
etc.).
Where did I go wrong and how may I recover?
Thanks for any pointers.
Sincerely, Joh
More information about the Gnupg-users
mailing list