Deletion candidate

This page is is either off topic, has a low overall quality, or is simply outdated and will be deleted soon. If you still need this page, please contact the WikiCaretakers and explain what this page is for. Please do not remove this notice from the page.


  • This usage is not recommended
  • Other descriptions for this specific scenario exist elsewhere on the net
  • If people should not follow this guide, why do we have it?

Using the card with your main key (not recommended)

gerloff <gerloff AT fsfe DOT org> - Wednesday 14 September 2005

Please Note It is not recommended to use the card with your main key. Please use the card with subkeys

This Howto gives very basic instructions for generating a GnuPG key and setting up your computer for use with the Fellowship card.

You can use your card for several purposes. Since most people will want to use it for mail signing and encryption, this is what we're going to talk about here. This document tries to guide you through the process of setting up your Cryptocard and getting it to do what you want it to do in a not-too-technical fashion.

For a start, we will only consider the situation where you generate a new GnuPG key to put onto your Cryptocard. This is the case for people who are using GnuPG for the first time.

Please Note This is only an introductory document, aimed at a generic hard- and software setting involving GNU/Linux. For a full-length description please see the full-length Fellowship crypto card Howto. If you run into problems specific to your GnuPG setup, you may want to read other GnuPG Howtos.

First set up your card reader by following our card reader howto (hotplug). For newer systems, please follow the card reader howto (udev)

To modify the contents of your card, use the following command:

 $ gpg --card-edit

GnuPG will start again, this time giving you its own command line and awaiting your orders. You can now start to generate your own GPG key and copy it onto the card. First, enter the GnuPG's administrator mode:

 command> admin

Then, tell GnuPG to generate a key for you:

 command> generate

You will be asked if you would like to make an off-card copy of the encryption key. It is useful to say yes here.

Choose if your key should expire after a certain time. Now you are asked for your real name, your email address and a comment (you don't have to enter a comment). Then confirm your information with "o". When you are asked for a passphrase, leave it blank.

Now you should be able to use your Smartcard the usual way one would use GnuPG, but instead of typing in a passphrase you have to enter the PIN. Have a lot of fun with your Fellowship card!


TechDocs/CardHowtos/CardWithMainKey (last edited 2016-05-07 17:26:38 by jzarl)