How to import backed up encryption key (sk_<id>.gpg)?


#1

“If you use Thunderbird’s or GnuPG’s function for generating keys directly on-card, it will propose you a backup. But this is a backup of the encryption subkey only!” - from the FAQ.

This backup creats a sk_.gpg file. How do I import this? gpg --import sk_<id>.gpg gives “gpg: key : no user ID”. Tried with both a fresh .gnupg folder and one that has the cards public keys.

gnupg 2.2.4


#2

Hi,

you ideally import this in another smartcard device/second Nitrokey if you do not have the original. Basically you have to use the “bkuptocard” command, which can be reached through the ‘–key-edit’ dialog.

That is to say you use the key stub in your keyring.

gpg --card-edit <keyid>

bkuptocard sk_<id>.gpg

You maybe have to put in the whole path to the file.

I hope this helps. This backup option is not the best thing in GnuPG in my opinion :frowning:

Kind regards
Alex