On 20/11/16 22:50, Anton Marchukov wrote: > I think you will have to keep it as backup too in case you will want > to add another smartcard with a new subkey to an existing key or not?
Oh, good point! Maybe it's possible without on-disk keys, I'll try it out later. Otherwise: yes, it would be impossible to add new subkeys. > Although if air gaped machine is secure then encrypting backup using > the smartcard itself and removing the unencrypted copy will do the > trick as well. I'm not too sure about "removing the unencrypted copy", though. I'd much rather not have the key hit the disk anyway. By using a Linux Live CD and physically removing the cable from the hard disk. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
