Keyring management with multiple smart cards

Wiktor Kwapisiewicz wiktor at metacode.biz
Mon Dec 17 09:43:55 CET 2018


On 17.12.2018 03:28, Louis Opter wrote:
> Where is the procedure to remove shadow files documented? I found this to be
> confusing to do, hence why I favored different subkeys for different smartcards.

Uhm, this is kind of internal GnuPG details so I guess it's not documented anywhere.

But it's something like this:

$ gpg --with-keygrip -K

You get keygrip from one of your subkeys and look for a file named the same in
~/.gnupg/private-keys-v1.d. Removing, well, just use "rm" (or "mv" just in case;).

Note that this is implementation detail so it may change in the future.

> Thank you very much for your feedback Wiktor!

No problem, one thing I forgot to mention - as far as I know RFC 4880 (OpenPGP)
doesn't precise which encryption subkey to use and some implementations (e.g.
OpenKeychain) use all valid encryption subkeys (so a scheme of using one
encryption subkey per token would work).

Kind regards,
Wiktor

-- 
https://metacode.biz/@wiktor



More information about the Gnupg-users mailing list