Keys on Smart Card not shown in GPG Keychain

Only the secret key(s) are stored on the smart card by MacGPG. The public key and user IDs are not stored on the smart card. Thus you can not use "--card-status" to get the card to work. For that, you need to have the public key in your keychain. This is the case, when you generate a new key.

You have two options to handle this:

  1. Generate a new key on the card or move an existing key to the card:

    • Generate a new key: "gpg2 --card-edit" and "generate" OR
    • Move an existing key: "gpg2 --edit-key 85E38F69046B44C1EC9FB07B76D78F0500D026C4" and "keytocard".
  2. Upload the key to a key server:

    gpg2 --keyserver hkps:// --send-keys 85E38F69046B44C1EC9FB07B76D78F0500D026C4
  3. Set the URL, to retrieve the public key, on the card:

    gpg2 --card-edit

Replace every occurrence of "85E38F69046B44C1EC9FB07B76D78F0500D026C4" in the commands, with the fingerprint of your key.

Steps to use the smart card on a (new) computer:

  1. Get the public key (only if the public key is not yet in your keychain)

    gpg2 --card-edit
  2. Create a stub for the secret key in your keychain

    gpg2 --card-status
  3. Use the (secret) key as if it was in your keychain