Hi, I'm using GnuPG 2.1.19 on a Mac with a smartcard (a YubiKey NEO) holding my regularly-used subkeys - some of my keys are actually in my secret keyring, but others are only stubs. When I run gpg --card-status, each secret key is correctly marked with # when it's unavailable or > when it's stored on my smartcard. For example:
$ gpg --card-status | sed -n '/General key info/,$p' General key info..: sub rsa2048/3844A6973C6058F1 2017-04-05 Danielle McLean <d...@00dani.me> sec# rsa4096/27D076D2ACA7BABE created: 2017-04-03 expires: never ssb# rsa4096/5A5D2D1AFF12EEC5 created: 2017-04-04 expires: 2018-04-04 ssb# rsa4096/D2081794136A2F3E created: 2017-04-04 expires: 2018-04-04 ssb> rsa2048/3844A6973C6058F1 created: 2017-04-05 expires: 2018-04-05 card-no: 0006 05312011 ssb rsa2048/9D50913E336B08C1 created: 2017-04-05 expires: 2018-04-05 ssb> rsa2048/9EC155D34F33D648 created: 2017-04-05 expires: 2018-04-05 card-no: 0006 05312011 The above information is correct - I have the subkeys 3C6058F1 and 4F33D648 stored on my smartcard, the subkey 336B08C1 stored in my secret keyring, and the other secret keys aren't available. However, when I run gpg --list-secret-keys, the # marker doesn't appear on unavailable subkeys: $ gpg -K ACA7BABE sec# rsa4096 2017-04-03 [C] 83F3DCEC98D522B6A38AF5D927D076D2ACA7BABE uid [ultimate] Danielle McLean <d...@00dani.me> ssb rsa4096 2017-04-04 [S] [expires: 2018-04-04] ssb rsa4096 2017-04-04 [A] [expires: 2018-04-04] ssb> rsa2048 2017-04-05 [S] [expires: 2018-04-05] ssb rsa2048 2017-04-05 [E] [expires: 2018-04-05] ssb> rsa2048 2017-04-05 [A] [expires: 2018-04-05] It's very confusing, as it seems to indicate my secret keyring contains keys that it definitely doesn't. Why the inconsistency? Can I somehow reconfigure GnuPG so that the --list-secret-keys output includes the missing information? Thanks!
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users