Import

Full key to stub key…

Warning

Importing a GPG key to a smart-card is a one-way operation for your private key! Backup your full key via an export first!

Note

Reminder from gpg2 --list-secret-keys after we created a sub-keys.

sec   rsa4096/0xCCCCCCCCCCCCCCCC 2015-02-01 [SC] [expires: 2020-01-31]
uid                   [...]
ssb   rsa4096/0xEEEEEEEEEEEEEEEE 2015-02-01 [E] [expires: 2020-01-31]
ssb   rsa4096/0xAAAAAAAAAAAAAAAA 2015-02-01 [A] [expires: 2020-01-31]

gpg2 --edit-key CCCCCCCCCCCCCCCC

# move primary key to signature key slot on card
gpg> toggle
gpg> keytocard
# select: (1) Signature key

# repeat for encryption key
gpg> key 1
gpg> keytocard
# select: (2) Encryption sub-key

# repeat for authentication sub-key
gpg> key 2
gpg> keytocard
# select: (3) Authentication key

gpg> quit
# Save changes? (y/N) y

gpg2 --list-secret-keys
# [...]
# ssb* [...]

See [YubiImport] and [YubiEdit]

YubiImport

https://developers.yubico.com/PGP/Importing_keys.html

YubiEdit

https://developers.yubico.com/PGP/Card_edit.html