Hi! On Mittwoch, 29. Mai 2024 16:14:52 MESZ Henning Follmann wrote: > Hello I do not know if this is possible or even makes sense.
The following makes totally sense. I assume you know how to do the steps you describe, if not please ask. I just add some comments. > So an initial setup including a smartcard is like this: > > - generate key pair > - add sub keys - encrypt, sign, auth > - move the private part of sub keys to smartcard > - publish public key to keyserver - To make it perfect, put the URL to the key on the card. In case of WKD you can get the URL using % gpg-wks-client --print-wkd-url <EMAIL> (this returns the most complete version, you probably want to reduce this.) Adding the URL on the card: % gpg --card-edit gpg/card> admin gpg/card> url (enter the url) gpg/card> quit > - take the master key offline > > > I want to use the smartcard to initialize gpg on a different > computer: > - plug in smartcard > - fetch the public keys from keyserver % gpg --card-edit gpg/card> fetch gpg/card> quit > - validate the public keys with the keys on smartcard You see if the card matches the fetched key. > - add the stubs for the smartcard keys to my keychain The stub will be automatically generated. > Is there a tool like this? To do all of the above automatically? Not that I am aware of. You might want to write a script. ;) Alexander
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users