Securing multiple keys with one smart card
Werner Koch
wk at gnupg.org
Fri Jan 16 11:19:05 CET 2026
On Tue, 6 Jan 2026 13:40, Bow said:
> My goal is have my private key material protected by more than just
> a usable (that is, a long but not very long) password. Ideally with
Well you can use g13 to mount your ~/.gnupg from a small encrypted
partition and that allows the use of a smartcard. I am using this for a
decade to encrypt parts of my disk. It is a bit tricky because you need
some symlinking for the non-encrypted ~/.gnupg.
> It is my understanding that GnuPG only supports OpenPGP Card smart
> cards. Is there another card type that would work?
Sure. We support all kinds of cards. But for creating keys on a card
you petter use either the OpenPGP-card or the PIV application (e.g. with
a Yubikey). PIV is not that easy to setup as the OpenPGP card but it
works. Another option is to use card which already come with keys -
there is a multitude of them, CardOS, TCOS, PKCS#15 cards, and so on.
For some of them you can also use Open Source software to create keys.
Salam-Shalom,
Werner
--
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 284 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20260116/46f7740e/attachment.sig>
More information about the Gnupg-users
mailing list