678 B
678 B
gpg-switch-yubikey
Switch GPG between two YubiKeys that hold identical key material.
GPG binds secret key stubs to a specific card serial number. When you swap YubiKeys, GPG prompts you to insert the other one. This script deletes the stubs and re-learns whichever card is currently inserted.
Install
cp gpg-switch-yubikey ~/.local/bin/
chmod +x ~/.local/bin/gpg-switch-yubikey
Make sure ~/.local/bin is in your PATH.
Usage
After physically swapping to a different YubiKey:
gpg-switch-yubikey
Configuration
The script contains a hardcoded GPG key fingerprint. Edit the FINGERPRINT variable in the script to match your own key.