> Gpg-agent uses the smartcard key which is identified by the $AUTHKEYID
> attribute:
>
> $ gpg-connect-agent 'scd getattr $AUTHKEYID' /bye
> S $AUTHKEYID OPENPGP.3
> OK
I get the same output for my card.
> Thus only the keys listed in ~/.gnupg/sshcontrol will be used.
The keygrip from the card is listed in sshcontrol.
> of course you need to make sure that the key is capable of signing.
I created the key with authentication flag set. It has no other flags set.
Just a general note, I did not do anything special. I just used "keytocard" to
move the key over. But unfortunately it does not work out ouf the box
afterwards.
gpg --card-status
Application ID ...:
Version ..........: 2.0
Manufacturer .....: ZeitControl
Serial number ....:
Name of cardholder: Rainer Keller
Language prefs ...: de
Sex ..............: male
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: forced
Key attributes ...: 2048R 2048R 4096R
Max. PIN lengths .: 32 32 32
PIN retry counter : 3 0 3
Signature counter : 0
Signature key ....: [none]
Encryption key....: [none]
Authentication key: XXX
created ....: XXX
General key info..: pub 4096R/A7 2014 Rainer Keller <m...@rainerkeller.de>
sec# 4096R/D8 created: 2005 expires: never
ssb 2048R/4C created: 2008 expires: 2010
ssb 2048R/CC created: 2008 expires: 2010
ssb 2048R/26 created: 2010 expires: 2012
ssb 2048R/B0 created: 2010 expires: 2012
ssb 2048R/A5 created: 2012 expires: 2014
ssb 2048R/09 created: 2012 expires: 2014
ssb 4096R/A9 created: 2014 expires: 2016 usage: S
ssb 4096R/6F created: 2014 expires: 2016 usage: E
ssb> 4096R/A7 created: 2014 expires: 2016 usage: A
card-no: XXX
Regards
Rainer
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
