[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
Saw an exchange of correspondence on the IRC about adding gpg keys to a smart card For those interested, I cheated and even then got things wrong... 1/ I paid to join www.fsfe.org to put some money into keeping free software 2/ Got the card and follow the directions a) Installed the appropriate drivers https://www.fsfe.org/en/card/howto/card_reader_howto_udev b) Then tried to set up my card with subkeys only. http://www.fsfe.org/en/card/howto/subkey_howto Here is where I went wrong: at step 4.2.1: addcardkey What happened is that the keys did not transfer over smoothly, 2 sub-keys, but not the third. To cut a long story short I ended up deleting my original decryption subkey and had to obtain a new GPG key Recommended solution - Back up your entire .gnupg directory. The whole thing and store it someplace safe. Check that the back up is good (I know the bleeding obvious, my back up was not good) Check that you have a revocation key just in case - Then run addcardkey. If you get a problem, then remove the card from the reader. Insert and retry. This worked - Follow the rest of the directions - check that the card works. Then and ONLY then should you upload your new key to the key servers If all goes pear shaped, go back to your back up .gnupg and restore the directory and start again Since then the card has worked like a dream (I am running Debian Etch). Couple of points to note: - Your signature key will have changed - Your decryption key will have changed: therefore if you receive an email to your previous key then you will addback your old key If I can be of any help, please let me know: nick is henry on the irc. Apologies if I forget to say I am away... PS. Next step (I have a lot of those!) is to add my ssh keys to it -- Henry Sat Mar 24 14:01:42 GMT 2007
Attachment:
signature.asc
Description: Digital signature
-- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html