On Mittwoch, 29. November 2023 03:52:36 CET Felix E. Klee wrote: > So `gpg --card-status` imports [SC] and [E], but not [A]: > > $ rm ~/.gnupg/private-keys-v1.d/* > $ ls -a1 ~/.gnupg/private-keys-v1.d/ > . > .. > $ gpg --card-status > […] > Signature key ....: 7A0F E73D DB74 4F0F 9734 1DA7 1BE3 49D1 1B6E > D589 > created ....: 2023-06-29 03:50:43 > Encryption key....: DBBD 3239 D0F1 4326 808D FC8F 7CC0 2D68 D2E3 > 1736 > created ....: 2023-06-29 03:50:43 > Authentication key: 7A0F E73D DB74 4F0F 9734 1DA7 1BE3 49D1 1B6E > D589 > created ....: 2023-06-29 03:50:43 > […] > sec> rsa4096/1BE349D11B6ED589 created: 2023-06-29 expires: never > card-no: 0006 18698016 > ssb> rsa4096/7CC02D68D2E31736 created: 2023-06-29 expires: never > card-no: 0006 18698016 > ssb# rsa4096/32B106F6877CC64B created: 2023-11-22 expires: never > $ gpg --list-keys --keyid-format LONG --with-keygrip yubi...@f76.eu > pub rsa4096/1BE349D11B6ED589 2023-06-29 [SC] > 7A0FE73DDB744F0F97341DA71BE349D11B6ED589 > Keygrip = 0E67508AC6866D82ABB95E0B53CF5D18DC48A786 > uid [ultimate] Felix E. Klee (YubiKey) <yubikey@[…]> > sub rsa4096/7CC02D68D2E31736 2023-06-29 [E] > Keygrip = 07D6164F019D2EDF59C650992CF93776B2DD17F2 > sub rsa4096/32B106F6877CC64B 2023-11-22 [A] > Keygrip = 9C67E5BBB72EF0BF2625792F8F134CE4FD961FF5 > $ ls -a1 ~/.gnupg/private-keys-v1.d/ > . > .. > 07D6164F019D2EDF59C650992CF93776B2DD17F2.key > 0E67508AC6866D82ABB95E0B53CF5D18DC48A786.key > > To me it looks like [A] is on the Yubikey, as it should. > > *But how do I get the private key stub for [A] imported?*
If you compare the information for Signature key and Authentication key you'll notice that they are identical. Further, if you compare the information for Authentication key and the A subkey of you'll see that the key ID of the A subkey doesn't match the fingerprint of the Authentication key (which is logical because the Authentication key is identical to the SC key. Hint: Add --with-fingerprint (maybe twice) to --list-keys to see the fingerprints of the subkeys. I don't know how you did it, but it looks like you have overwritten the Authentication key on your Yubikey with the SC key. Or your Yubikey or gpg is seriously broken. Regards, Ingo
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users