Re: Primary and Signing Key on Different Smart Cards

2017-01-17 Thread Peter Lebbing
Hello Anton, > 1. I have gpg 2.1.11. What is your gpg2 --version ? I did that with Debian package 2.1.11-7. > 2. Since YubiKey is a usb token and my primary card is a plastic > smartcard from ZeitControl they are in fact located in two different > readers. Ah, that sounds like a likely culprit

Re: Primary and Signing Key on Different Smart Cards

2017-01-16 Thread Anton Marchukov
> readers. I found that gpg is not able to locate card if more than one > reader is present and somehow always default to some first card it > sees. To mitigate this I had to always remove the reader along with > the card. And then of course have to reinsert it back. May it be that > gpg expects car

Re: Primary and Signing Key on Different Smart Cards

2017-01-15 Thread Anton Marchukov
Hello Peter. Thanks for your detailed instructions. As FOSDEM keysigning is approaching I finally found some time to test it with my setup. Unfortunately I am unable to pass through the step when you need to swap the cards during subkey generation: > > Now let's add subkeys on the other card. Gnu

Re: Primary and Signing Key on Different Smart Cards

2016-11-23 Thread Peter Lebbing
On 21/11/16 12:04, Peter Lebbing wrote: > Ah! I don't have time right now, but once I do, I'll try to see to write > up some instructions... Here are instructions for doing this on 2.1. First let me point out: On 20/11/16 22:50, Anton Marchukov wrote: > I think you will have to keep it as backup

Re: Primary and Signing Key on Different Smart Cards

2016-11-21 Thread Andrew Gallagher
On 21/11/16 11:04, Peter Lebbing wrote: >>> >> rather trust GnuPG's random number generator than the one on a cheap >>> >> smartcard >>> >> (or any smartcard for that matter). So I would recommend to not use the >>> >> on-card >>> >> key generation feature anyway. >> > >> > That's quite an inter

Re: Primary and Signing Key on Different Smart Cards

2016-11-21 Thread Peter Lebbing
On 20/11/16 22:50, Anton Marchukov wrote: > I think you will have to keep it as backup too in case you will want > to add another smartcard with a new subkey to an existing key or not? Oh, good point! Maybe it's possible without on-disk keys, I'll try it out later. Otherwise: yes, it would be impo

Re: Primary and Signing Key on Different Smart Cards

2016-11-21 Thread Peter Lebbing
On 20/11/16 22:48, Anton Marchukov wrote: >> Which version, GnuPG 2.0 or 2.1? I think you can use 2.1 to reach the desired >> outcome without difficulty, even if it might be a bit non-standard. > > I have 2.1.11 Ah! I don't have time right now, but once I do, I'll try to see to write up some inst

Re: Primary and Signing Key on Different Smart Cards

2016-11-20 Thread Anton Marchukov
On Thu, Nov 17, 2016 at 7:45 PM, Arthur Ulfeldt wrote: > I have a similar setup and have been doing it successfully. I have two > yubikey neos with signing keys. I found that because of bugs in gpg 2.1 I That's interesting as I want exactly that - two yubikeys for signing. Will be able to try tha

Re: Primary and Signing Key on Different Smart Cards

2016-11-20 Thread Anton Marchukov
> You will need the private key on-disk *temporarily* while setting up the > smartcards. But with Knoppix, that "disk" can be a RAM disk in the main > memory of your computer, obliterated once you power it off. I think you will have to keep it as backup too in case you will want to add another sma

Re: Primary and Signing Key on Different Smart Cards

2016-11-20 Thread Anton Marchukov
> Which version, GnuPG 2.0 or 2.1? I think you can use 2.1 to reach the desired > outcome without difficulty, even if it might be a bit non-standard. I have 2.1.11 > Can we first get out of the way which exact version of GnuPG you're using? If > you're using 2.0, start with the threads linked abo

Re: Primary and Signing Key on Different Smart Cards

2016-11-18 Thread Daniel Kahn Gillmor
On Thu 2016-11-17 13:45:25 -0500, Arthur Ulfeldt wrote: > PS: the bug is that gpg will only use the newest signing key, rather than > the newest signing key that is available now. I believe this bug is tracked upstream at https://bugs.gnupg.org/gnupg/issue1983 -- it would be great if someone want

Re: Primary and Signing Key on Different Smart Cards

2016-11-17 Thread Arthur Ulfeldt
I have a similar setup and have been doing it successfully. I have two yubikey neos with signing keys. I found that because of bugs in gpg 2.1 I had to put the same signing key onto both neos. Once I did that it worked smoothly. It would be preferable to use different keys and I'll do that if these

Re: Primary and Signing Key on Different Smart Cards

2016-11-17 Thread Peter Lebbing
On 17/11/16 17:13, Peter Lebbing wrote: > You will need to have the private key on-disk for both versions, I'm > afraid. You will need the private key on-disk *temporarily* while setting up the smartcards. But with Knoppix, that "disk" can be a RAM disk in the main memory of your computer, obliter

Re: Primary and Signing Key on Different Smart Cards

2016-11-17 Thread Peter Lebbing
On 17/11/16 15:02, Anton Marchukov wrote: > Now based on my review I have found the situation in gpg2 to be the following: Which version, GnuPG 2.0 or 2.1? I think you can use 2.1 to reach the desired outcome without difficulty, even if it might be a bit non-standard. > 1. Using multiple smartcar

Primary and Signing Key on Different Smart Cards

2016-11-17 Thread Anton Marchukov
Hello. I did some research myself and came to the conclusion that this is not supported. Was about to submit a feature request, but it is better to ask for help here first. The use case that I want to implement is the following: 1. I have an OpenPGP v2 smart card (regular plastic card) where I want