On 13Jun06 18:07, [EMAIL PROTECTED] wrote: > On Tue, Jun 13, 2006 at 02:01:27PM +0100, Tristan Williams wrote: > > I am experimenting with the OpenPGP smartcard. I have two OpenPGP smart > > cards (smartA and smartB) and I want to verify that I can restore my > > on-card generated private key should I loose the master card > > (smartA). I only want to verify that I can do it - not discuss the > > merits of on-card vs. off-card key generation. > > > > I start with an empty ~/.gnupg > > > > For smartA I have > > > > (1) an on-card generated key > > > You can stop here. In order to use card B you need to transfer the PRIVATE > key from card A to card B. It is _impossible_ to export the private key > under any circumstances (minus backdoors/implementation bugs in the smart- > card software). Period. If you want to have the same private key on several > physical cards, your only option is off-card generation, with import of the > key afterwards. > >
Then it makes me wonder what is the purpose of the off card backup file sk_X.gpg created when the original private key was created via the on-card method? I can appreciate there might be reasons for not permitting export of the private key from the card but I did expect that restoring a private key using the backup file made at key creation time would be possible. It looks like I was wrong in that thought. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users