New blog article: "Using a second #OpenPGP card for my primary key"
https://openpgp.foo/posts/2025-07-a-second-card/
This is a rather niche article, but I hope it will still contain some bits of interest, for at least some readers π€.
In it, I import my primary OpenPGP key onto a second OpenPGP card hardware device, and use the device to issue a third-party certification with rsop-oct.
I also outline some background and tradeoffs around different OpenPGP card setup.
I just released version 0.1.6 of the simple experimental standalone SSH agent for #OpenPGP cards (https://crates.io/crates/openpgp-card-ssh-agent/).
This release adds support for NIST keys, while relying on fewer dependencies.
I just released version 0.1.5 of the simple experimental standalone SSH agent for #OpenPGP cards (https://crates.io/crates/openpgp-card-ssh-agent/).
This is a minor update in terms of functionality.
However, it marks a move of the crate to the @Codeberg platform (including an integration test in Codeberg's Woodpecker CI, testing the agent against a virtual OpenPGP card: https://ci.codeberg.org/openpgp-card/ssh-agent/pipeline/31)
For the moment being I decided to disable the use of the #OpenPGPcard inside my #Librem5 to force the use of my #LibremKey when gpg is needed on the phone.
Support for multiple smartcards is improved in gpg 2.3.x I read which is not available for my distribution, yet.
This way pass works with the externally connected LibremKey/#Nitrokey as expected.
Heiko
Chris Vogel
Heiko