After I joined the FSFE Fellowship a few months ago, I received a nice OpenPGP smartcard. Now I’m using it for real, and I like it!
I’ve decided to buy two OpenPGP card readers on Kernel concepts:
- Gemalto PC Express card for my laptop
- SCM SCR-335 for my workstation
The next step is to create a key to be used with the card. There is a good tutorial on this topic on the FSFE Wiki. Only one step can be greatly enhanced: step 12, “Removing the master key from the keyring”. Here is a much easier version:
- Backup your public key:
gpg --armor --export 559C215F > publickey.asc
- Remove your private and public key from your keyring:
gpg --delete-secret-and-public-key 559C215F
- Import your public key:
gpg --import publickey.asc
- Edit your key and set its trust level to Ultimate:
gpg --edit-key 559C215F,
- Make GPG check your smartcard and recreate the secret key stubs by itself:
That’s it! Now you can return to the tutorial and test your card.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 And don't forget to have fun! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJL8+C0AAoJEMPdciX+bh5InokH/17+dG0bYU05dTqHVOIDUKch dGJ75jnO3cci9UcZeqghyH0Odi1uPpidRLWKjd1EogHNo24fb6/CwyL+6yUgW/RF No0YOKG2r6dJGqpD91v5afd70JSkwMo66CRBpsou5TM6b6bG2p6dHVg3r2pJOKwJ WoMbrsgHAAX7pGpAjhjREMLTIADwh5+5d1aQJx3qTjWNh908PVm+KN1iT9eryBWE UJb98O6Zj02I4OTX3VsBmC29FyjfISBJ7LIElZQFTV7I3BIE+FDK9H9Hnb/3psF+ G/VOgHPILzd+BxuUzo4PGVne2GMPHv6vmm+yQlgvuz5Bnn/duU8gWVc+erDC2xQ= =K7tA -----END PGP SIGNATURE-----
Many thanks to the people involved in this thread on the GnuPG mailing list for the tip!