Mailing List Archive

recommended way to use several smartcards with the same private key
Hi all,

I am using several smartcards with the same private key for redundancy in
case I lose one of them. I have been doing so for several years, and
occasionally changing which card I use has always been a bit of a hassle
(along the lines of, for example, the discussion here:
https://sven-seeberg.de/wp/?p=967 ).

This is not a super big deal, I can fix this easily with a method similar
to what is explained on the blog, but still, it is a bit annoying to need
to fix things by hand.

My questions are:

- is there a better / simpler way to register several cards that are
interchangeable?
- if not, any hope this may be added some day / where could I ask for such
a feature / is there some WIP already working on this?

Thanks in advance!

Best,

JRT
Re: recommended way to use several smartcards with the same private key
On Monday, 29 March 2021 15:09:02 CEST J Rt via Gnupg-users wrote:
> Hi all,
>
> I am using several smartcards with the same private key for redundancy in
> case I lose one of them. I have been doing so for several years, and
> occasionally changing which card I use has always been a bit of a hassle
> (along the lines of, for example, the discussion here:
> https://sven-seeberg.de/wp/?p=967 ).
>
> This is not a super big deal, I can fix this easily with a method similar
> to what is explained on the blog, but still, it is a bit annoying to need
> to fix things by hand.
>
> My questions are:
>
> - is there a better / simpler way to register several cards that are
> interchangeable?
> - if not, any hope this may be added some day / where could I ask for such
> a feature / is there some WIP already working on this?

The upcoming GnuPG 2.3 (which is currently in beta testing) supports using
several smartcards with the same private key. gpg simply checks if any of the
inserted smartcards provide the secret key and then uses this smartcard. If no
inserted smartcard provides the secret key, then gpg will ask for the
smartcard registered in the stub file. But you can insert any card providing
the key. gpg does not insist on using the smartcard listed in the stub file.

This may or may not work with a recent version of gpg 2.2 already because
quite a few things were backported to the 2.2 series.

What gpg 2.3 does not do is register multiple smartcards in the stub files
and, consequently, gpg does not ask for all smartcards that provide the secret
key. It's up to you to keep track of which of your multiple smartcards provide
the needed secret key.

Regards,
Ingo
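
For setups where gpg still asks for the card registered in the stub file, the following added example (not code from this thread or from GnuPG) reads `gpg --list-secret-keys --with-colons` output and reports which stubs name a card other than the one inserted. The listing, key IDs and card serials are constructed; reading field 15 as the card serial follows GnuPG's documented colon format, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample of `gpg --list-secret-keys --with-colons` output.
# Field 15 of a sec/ssb record is the serial number of the card the stub is
# registered to; "+" means the secret key is on disk, "#" means a bare stub.
SAMPLE_LISTING='sec:u:4096:1:1111111111111111:1500000000:::u:::scESC:::D2760001240102010006AAAAAAAA0000:
ssb:u:4096:1:2222222222222222:1500000000::::::e:::D2760001240102010006AAAAAAAA0000:
ssb:u:4096:1:3333333333333333:1500000000::::::a:::+:'

# Print "KEYID CARD-SERIAL" for every key or subkey whose stub names a card.
stub_cards() {
    awk -F: '($1 == "sec" || $1 == "ssb") &&
             $15 != "" && $15 != "+" && $15 != "#" { print $5, $15 }'
}

# Print the key IDs whose stub is registered to a card other than the
# inserted one. $1 = full serial number of the inserted card.
stale_stubs() {
    stub_cards | awk -v card="$1" '$2 != card { print $1 }'
}

# On a live system the inputs would come from:
#   gpg --list-secret-keys --with-colons
#   gpg-connect-agent 'scd serialno' /bye      (line "S SERIALNO <serial>")
# If stale_stubs prints anything, the stubs can be re-pointed at the inserted
# card with the commonly used command (not taken from this thread):
#   gpg-connect-agent "scd serialno" "learn --force" /bye

# Demo on the constructed listing: a spare card with a different serial.
SPARE_CARD=D2760001240102010006BBBBBBBB0000
printf '%s\n' "$SAMPLE_LISTING" | stale_stubs "$SPARE_CARD"
```
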
Re: recommended way to use several smartcards with the same private key
On Mon, Mar 29, 2021 at 11:08 PM Ingo Klöcker <kloecker@kde.org> wrote:

> On Monday, 29 March 2021 15:09:02 CEST J Rt via Gnupg-users wrote:
> > Hi all,
> >
> > I am using several smartcards with the same private key for redundancy in
> > case I lose one of them. I have been doing so for several years, and
> > occasionally changing which card I use has always been a bit of a hassle
> > (along the lines of, for example, the discussion here:
> > https://sven-seeberg.de/wp/?p=967 ).
> >
> > This is not a super big deal, I can fix this easily with a method similar
> > to what is explained on the blog, but still, it is a bit annoying to need
> > to fix things by hand.
> >
> > My questions are:
> >
> > - is there a better / simpler way to register several cards that are
> > interchangeable?
> > - if not, any hope this may be added some day / where could I ask for such
> > a feature / is there some WIP already working on this?
>
> The upcoming GnuPG 2.3 (which is currently in beta testing) supports using
> several smartcards with the same private key. gpg simply checks if any of the
> inserted smartcards provide the secret key and then uses this smartcard. If no
> inserted smartcard provides the secret key, then gpg will ask for the
> smartcard registered in the stub file. But you can insert any card providing
> the key. gpg does not insist on using the smartcard listed in the stub file.
>
> This may or may not work with a recent version of gpg 2.2 already because
> quite a few things were backported to the 2.2 series.
>
> What gpg 2.3 does not do is register multiple smartcards in the stub files
> and, consequently, gpg does not ask for all smartcards that provide the secret
> key. It's up to you to keep track of which of your multiple smartcards provide
> the needed secret key.
>
> Regards,
> Ingo


Ok, many thanks for the explanation! Then this means that I should "just"
wait for 2.3 :) . Hope this comes to the next Ubuntu LTS release :) .
Re: recommended way to use several smartcards with the same private key
On Mon, 29 Mar 2021 22:52, Ingo Klöcker said:

> This may or may not work with a recent version of gpg 2.2 already because
> quite a few things were backported to the 2.2 series.

No, this has not been backported because it was a larger structural
change.


Shalom-Salam,

Werner

--
Thoughts are free. Exceptions are regulated by a federal law.