YubiKey-Guide icon indicating copy to clipboard operation
YubiKey-Guide copied to clipboard
verified publisher icon drduh

Key Backups

Open iandstanley opened this issue 3 years ago • 0 comments

Another less used GNUPG option I've come across in the GNUPG manual is the "bkuptocard" subcommand of --edit-key

It's only mentioned in page 49 of the manual and the index.

Apparently when we initialize a card, (PRESUMABLY THIS MEANS WHEN WE GEN A KEY ON CARD?) GNUPG creates a backup file of the key in key backup format.

This file can be restored to a card/Yubikey with the --edit-key subcommand (quoting the manual):

bkuptocard file

Restore the given file to a card. This command may be used to restore a backup key (as generated during card initialization) to a new card. In almost all cases this will be the encryption key. You should use this command only with the corresponding public key and make sure that the file given as argument is indeed the backup to restore. You should then select 2 to restore as encryption key. You will first be asked to enter the passphrase of the backup key and then for the Admin PIN of the card.

Has anybody ever used this functionality who could clarify what this is talking about?

iandstanley avatar Jun 13 '22 09:06 iandstanley