A few weeks ago I purchased the YubiKey 4 bundle (1 white and 1 black YubiKey 4).
I have written 2 different 4096 bit GPG keys to them without problem.
Today I received another bundle I ordered (to have spare/replacements) but I cannot move my 4096 bit keys to them.
When I check with the YubiKey Personalization tool I see my "old" keys have firmware 4.3.4 and the "new" have firmware 4.3.5,
so I would guess this should be possible since the firmware is even newer.
When I run gpg2 --card-status I get the card information and the key attributes are set to 2048.
I tried to generate a new keypair on the YubiKey; when I select 4096 I get a warning that this might not work, and the newly generated key seems to be a 4096 bit one.
When I check again, the key attributes are now set to 4096, but I still cannot move a new key (keytocard) to the YubiKey.
The only key that I can move to the YubiKey is a 2048 one, but I need my 4096 bit key, not a 2048 bit one or a new one.
Here is the output from gpg when I do keytocard:
Quote:
gpg> keytocard
Really move the primary key? (y/N) y
Please select where to store the key:
(1) Signature key
(3) Authentication key
Your selection? 3
gpg: WARNING: such a key has already been stored on the card!
Replace existing key? (y/N) y
gpg: KEYTOCARD failed: Onbruikbare geheime sleutel
gpg>
The error in Dutch is: "Unusable secret key"
I've found a post here with a similar problem, but that person had an error after entering a PIN; this is before the PIN is asked for.
Does anyone have an idea?
Patrick