Hi everyone 👋
I'm using a PGP key stored on my YubiKey 5 NFC. I followed this guide for the creation and most things work fine. E.g. I can sign, encrypt and decrypt files or messages without any problems. However, when I try to sign another PGP key (either via --sign-key or via --edit-key) I get the error message "No secret key". When I import the backup of the key and use it without my YubiKey, everything works as expected. So it seems that secret keys on a SmartCard are not recognized when signing other keys.
Operating System: I confirmed this issue on Fedora 36 and Manjaro Linux.
GPG Version: gpg (GnuPG) 2.2.40 - libgcrypt 1.10.1-unknown
Example Output:
[user@host ~]$ gpg --sign-key 7A8DD8956B521A595377A85FECF71F48DAB4BB1F

pub rsa2048/ECF71F48DAB4BB1F
    created: 2023-03-14 expires: never usage: SC
    trust: unknown validity: unknown
sub rsa2048/01663D33D408ADD7
    created: 2023-03-14 expires: never usage: E
[ unknown] (1). Tony Test <Tony.test@local>

pub rsa2048/ECF71F48DAB4BB1F
    created: 2023-03-14 expires: never usage: SC
    trust: unknown validity: unknown
 Primary key fingerprint: 7A8D D895 6B52 1A59 5377 A85F ECF7 1F48 DAB4 BB1F

    Tony Test <Tony.test@local>

Are you sure that you want to sign this key with your
key "Tobias Neitzel <secure@tneitzel.eu>" (6EABFF0B18E7247E)

Really sign? (y/N) y
gpg: signing failed: No secret key
gpg: signing failed: No secret key

Key not changed so no update needed.