How to import OpenPGP secret key to GPG from Nitrokey on newly formatted computer?

So, I just formatted my Arch Linux computer, and got everything up and running so gpg --card-status can see my Nitrokey Pro, and I am using it to successfully SSH into remote servers etc.

However, if I do gpg2 --list-secret-keys I get nothing, and as such I cannot do things like gpg2 --export-ssh-key <GPG-keyname> since I don’t know the keyname.

I’m a bit confused here. How can gpg see the Nitrokey on gpg --card-status, yet not have the keys in the keyring? I’ve tried doing
gpg2 --card-edit
…but that does nothing, since the URL of public key is not set on the Nitrokey.

I’m a bit confused about how to proceed from here?


you need to import your public key to your local keyring. It is not possible to import the public key to a Nitrokey as GnuPG keys can be abitrarily large (because of signature that may get added).

Thus, you necessarily need to have your public key imported to your key ring first, then GnuPG “knows” what to do. Detecting the Nitrokey is no problem for GnuPG though. This is the reason that --card-status works, but not using the keys for decryption/signing whatsoever.

Kind regards