For new machine, here is my GnuPG settings.
.gnupg/gpg.conf
I create .gnupg/gpg.conf file with the following content.
use-agent personal-digest-preferences SHA256 cert-digest-algo SHA256 default-preference-list SHA512 SHA384 SHA256 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed default-key 0x4ca7babe
Let gpg-agent manage SSH key
I deactivate seahose-agent. Also, I deactivate gnome-keyring managing SSH key.
$ gconftool-2 --type bool --set /apps/gnome-keyring/daemon-components/ssh false
Then, I create .gnupg/gpg-agent.conf file with the following content.
enable-ssh-support
Fetch the GPG key
I fetch my GPG key. Here is the session.
$ gpg --card-edit Application ID ...: D276000124010200F517000000010000 Version ..........: 2.0 Manufacturer .....: unknown Serial number ....: 00000001 Name of cardholder: Yutaka Niibe Language prefs ...: ja Sex ..............: 男 URL of public key : http://www.gniibe.org/gniibe.asc Login data .......: gniibe Signature PIN ....: 未処理 Key attributes ...: 2048R 2048R 2048R Max. PIN lengths .: 127 127 127 PIN retry counter : 3 3 3 Signature counter : 0 Signature key ....: 1241 24BD 3B48 62AF 7A0A 42F1 00B4 5EBD 4CA7 BABE created ....: 2010-10-15 06:46:33 Encryption key....: 42E1 E805 4E6F 1F30 26F2 DC79 79A7 9093 0842 39CF created ....: 2010-10-15 06:46:33 Authentication key: B4D9 7142 C42D 6802 F5F7 4E70 9C33 B6BA 5BB0 65DC created ....: 2010-10-22 06:06:36 General key info..: [none] gpg/card> fetch gpg: 鍵4CA7BABEをhttpからサーバーwww.gniibe.orgに要求 gpg: /home/gniibe/.gnupg/trustdb.gpg: 信用データベースができました gpg: 鍵4CA7BABE: 公開鍵“NIIBE Yutaka <gniibe@fsij.org>”を読み込みました gpg: 絶対的に信用する鍵が見つかりません gpg: 処理数の合計: 1 gpg: 読込み: 1 (RSA: 1) gpg/card> quit $