Thank you for your quick response. A couple of follow-up questions: Im noticing that in an "empty" gpg-installation, when I run the --card-edit command, gpg creates the keyring files (0 bytes in size) in the homedir. When I then run the generate command to create keys on the card the keyring-files grow to a couple of bytes in size (secring containing stubs that point to the card, right?) and pubring.gpg containing the public key (since I can encrypt only when the card is not inserted).
So even if I generate the keys directly on the smartcard, using --card-edit and generate commands, do the actual public key key mass populate the smart card? Follow-up question 2: If I "fetch" the public key from a keyserver, on a computer with an empty gpg installation, and import it, does that store the public key on the card or is pubring.gpg created and populated? /Astrakan On 2011-03-31 16:52, Werner Koch wrote: > On Thu, 31 Mar 2011 15:51, [email protected] said: > >> my pubring.gpg/secring.gpg) I must also have a card containing the >> trustdb-file and perhaps even a gpg.conf file? > No, you don't need the internal stuff like trustdb and pubring. Take > the public key from a keyserver or another resource and import it. The > card has a convenient field to store an URL to retrieve the public key > (actually the keyblock with user ids and signatures). Use the "fetch" > sub command of the --card-edit command. > > Cards are way too small to store a non-simple OpenPGP keyblock; many of > them are over 100k in size. > > > Salam-Shalom, > > Werner > _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
