Page MenuHome GnuPG

"gpg --card-status" does not add any entries to the private key ring
Closed, ResolvedPublic



Event Timeline

ikarisan set Version to 2.1.17.
ikarisan added a subscriber: ikarisan.


I am using a GPG smartcard and a YubiKeyNEO. And with GnuPG 2.0.xx it was
possible to
add the private keys' reference (on the card) to the keyring by calling:

gpg --card-edit


gpg --card-status

But now with GnuPG 2.1.17 this seems no longer be possible.
After fetching the public key for the card and calling "gpg --card-status"
the keys
are listed as public keys only but not as private keys. So I cannot set
their trust
level to ultimate or use them to encrypt my mails. :(

gpg --card-status

Reader ...........: SCM Microsystems Inc. SCR33x USB Smart Card Reader 0
Application ID ...: D2760001240102000000000000020000
Version ..........: 2.0
Manufacturer .....: test card
Serial number ....: 00000002
Name of cardholder: Thorsten Reichelt
Language prefs ...: de
Sex ..............: männlich
URL of public key :
Login data .......: shinji
Signature PIN ....: nicht zwingend
Key attributes ...: rsa2048 rsa2048 rsa2048
Max. PIN lengths .: 127 127 127
PIN retry
counter : 3 3 3
Signature counter : 26
Signature key ....: 2545 D3E3 0C41 32EE 3A25 B663 5892 4EF3 CCF6 EF60

created ....: 2016-10-15 21:20:40

Encryption key....: BAE5 99FF 4F3D AB19 60C0 B0B8 0984 52C3 1AFA A499

created ....: 2016-10-15 21:20:40

Authentication key: 9293 BD4E 9BD9 CCC9 6221 8AB0 0E98 95D4 E7AD 8B07

created ....: 2016-10-15 21:23:09

General key info..: pub rsa2048/58924EF3CCF6EF60 2016-10-15 Thorsten
sec# rsa2048/58924EF3CCF6EF60 erzeugt: 2016-10-15 verfällt: niemals
ssb# rsa2048/098452C31AFAA499 erzeugt: 2016-10-15 verfällt: niemals
ssb# rsa2048/0E9895D4E7AD8B07 erzeugt: 2016-10-15 verfällt: niemals

gpg -K

gpg -k


pub rsa2048 2016-10-15 [SC]


uid [ unbekannt ] Thorsten Reichelt <>
sub rsa2048 2016-10-15 [E]
sub rsa2048 2016-10-15 [A]

Yet another Yubikey think, I'll better a a keyword for this.

This bug is not reproducible for me. I don't think it is Yubikey specific.
I suspect some failure for the transition from 2.0 to 2.1.
In GnuPG 2.1 the private keys are stored under the directory gnupg/private-keys-v1.d.
Do you have this directory?
How does it goes when you prepare another directory and specify that?
I mean:

gpg --homedir=SOME-NEW-DIRECTORY --card-status

Or do you have right permission for creating directory at C:/Users/shinji/AppData/Roaming/gnupg?
You should have C:/Users/shinji/AppData/Roaming/gnupg/private-keys-v1.d.
If you have right permission, gpg-agent automatically create that directory.