Hi, I've a public key with two subkeys. I transferred one of the subkeys (0x6F5B8616ACB0354B) to a YubiKey 5 NFC and then restored my ~/.gnupg directory.
After that, every time I call "gpg --card-edit", the subkey previously transferred to the Yubikey is truncated without warning. This is an infinite loop. If I restore the ~/.gnupg directory from a backup and run "gpg --card-edit", the key is shortened again. Initial setup ============= # LANG=C gpg --version gpg (GnuPG) 2.2.41 libgcrypt 1.10.2-unknown Copyright (C) 2022 g10 Code GmbH License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Home: /home/carsten/.gnupg Supported algorithms: Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256 Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 Compression: Uncompressed, ZIP, ZLIB, BZIP2 # LANG=C gpg --list-secret-keys --with-keygrip 0x033AA0B393AFAE6C sec rsa4096/0x033AA0B393AFAE6C 2013-10-16 [SC] [expires: 2028-09-02] D17696EEDCFEC2038171D953033AA0B393AFAE6C Keygrip = AB143A7B31FBB715329D5083B317D1581B591975 uid [ultimate] Carsten Grohmann <carstengrohm...@gmx.de> uid [ultimate] Carsten Grohmann <cars...@grohmann-online.de> uid [ultimate] Carsten Grohmann <m...@carstengrohmann.de> ssb rsa4096/0x6F5B8616ACB0354B 2013-10-16 [E] [expires: 2028-09-02] Keygrip = 541DBB9E9190F1692E1EE65F14ADB13B5B0C9EA8 ssb rsa4096/0x468E025260DD710F 2023-09-04 [S] [expires: 2028-09-02] Keygrip = AA95FFE1C4A1522B819ED8AF89E9390B61D49F68 # ll ~/.gnupg/private-keys-v1.d/541DBB9E9190F1692E1EE65F14ADB13B5B0C9EA8.key -rw------- 1 carsten carsten 2055 5. Feb 2015 /home/carsten/.gnupg/private-keys-v1.d/541DBB9E9190F1692E1EE65F14ADB13B5B0C9EA8.key Executing "gpg --card-edit" =========================== # LANG=C gpg --card-edit Reader ...........: <deleted> Application ID ...: <deleted> Application type .: OpenPGP Version ..........: 3.4 Manufacturer .....: Yubico Serial number ....: <deleted> Name of cardholder: Carsten Grohmann Language prefs ...: [not set] Salutation .......: URL of public key : https://carstengrohmann.de/download/carstengrohmann.pub Login data .......: [not set] Signature PIN ....: not forced Key attributes ...: rsa2048 rsa4096 rsa2048 Max. PIN lengths .: 127 127 127 PIN retry counter : 3 0 3 Signature counter : 0 KDF setting ......: off Signature key ....: [none] Encryption key....: DD36 8F14 0651 75DE B159 3980 6F5B 8616 ACB0 354B created ....: 2013-10-16 19:39:54 Authentication key: [none] General key info..: sub rsa4096/0x6F5B8616ACB0354B 2013-10-16 Carsten Grohmann <carstengrohm...@gmx.de> sec rsa4096/0x033AA0B393AFAE6C created: 2013-10-16 expires: 2028-09-02 ssb> rsa4096/0x6F5B8616ACB0354B created: 2013-10-16 expires: 2028-09-02 card-no: 0006 18031866 ssb rsa4096/0x468E025260DD710F created: 2023-09-04 expires: 2028-09-02 Check the result - key is truncated =================================== # LANG=C gpg --list-secret-keys --with-keygrip 0x033AA0B393AFAE6C sec rsa4096/0x033AA0B393AFAE6C 2013-10-16 [SC] [expires: 2028-09-02] D17696EEDCFEC2038171D953033AA0B393AFAE6C Keygrip = AB143A7B31FBB715329D5083B317D1581B591975 uid [ultimate] Carsten Grohmann <carstengrohm...@gmx.de> uid [ultimate] Carsten Grohmann <cars...@grohmann-online.de> uid [ultimate] Carsten Grohmann <m...@carstengrohmann.de> ssb> rsa4096/0x6F5B8616ACB0354B 2013-10-16 [E] [expires: 2028-09-02] Keygrip = 541DBB9E9190F1692E1EE65F14ADB13B5B0C9EA8 ssb rsa4096/0x468E025260DD710F 2023-09-04 [S] [expires: 2028-09-02] Keygrip = AA95FFE1C4A1522B819ED8AF89E9390B61D49F68 # ll ~/.gnupg/private-keys-v1.d/541DBB9E9190F1692E1EE65F14ADB13B5B0C9EA8.key -rw------- 1 carsten carsten 1237 10. Sep 20:48 /home/carsten/.gnupg/private-keys-v1.d/541DBB9E9190F1692E1EE65F14ADB13B5B0C9EA8.key Is this an expected behaviour? Can I control it? Regards, Carsten _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
