Hi all,

We use Yubikey 4's as GnuPG smart cards.  When setting up a new card, we
use 'gpg --card-edit's 'generate' command to generate keys on the card
itself.  If it matters, we do not ask for off-card backups of the keys.

Today we set up a new Yubikey from a Windows 7 system running GnuPG
2.2.10.  Its generate command did not ask us for key size, and the
result was rsa2048 keys generated on the Yubikey.

We have always generated rsa4096 keys on Yubikeys in the past.  I was
able to take the same Yubikey to a Linux computer with GnuPG 2.1.11
installed; its generate command did ask for key size, and I was
successfully able to generate rsa4096 keys on the Yubikey.

I see that the admin docs do not show the generate command asking key
size: https://www.gnupg.org/howtos/card-howto/en/ch03s03.html#id2521952.

I'm presuming that there is some other process or command option that we
must use on newer GnuPG to request larger keys to be generated on our
Yubikeys.  Can someone point me in the right direction for this information?

Thanks,
-- 
R. Steve McKown
Titanium Mirror, Inc.

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to