Matthias Apitz wrote:
[...]
Said/showed that, I can't imagine that, when I SCP the file
.password-store/test.gpg to another mobile with another OpenPGP card,
that this system would be able to decrypt the file and reencrypt it
again with the new card.
Correct. You must first copy the *new* public key to the *old* system
and re-encrypt the password store to *both* public keys on the *old*
system, then transfer the encrypted blobs to the new system.
If you want to continue to use both cards, you will also need to copy
the *old* public key to the *new* system and arrange for it to also
encrypt the password store to *both* keys. Once that is done, you may
use any method to synchronize the encrypted blobs between the systems
and you will have your passwords on both systems.
While you are here, this is a good time to remind you to regularly check
the list of public keys used with your password store. If Mallory can
sneak *his* key onto that list, he will be able to get your passwords!
-- Jacob
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users
