I’m setting up a new OpenPGP card I’ve got from Purism for my second mobile L5. During the key generation it is not asking for the length of the key 2024 or 4096 bits. The `gpg --card-status shows:
purism@pureos:~$ gpg --card-status
Reader ...........: L5 built-in SmartCard Reader 00 00
Application ID ...: D27600012401030400050000CF410000
Application type .: OpenPGP
Version ..........: 3.4
Manufacturer .....: ZeitControl
Serial number ....: 0000CF41
Name of cardholder: [not set]
Language prefs ...: de
Salutation .......:
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: forced
Key attributes ...: rsa2048 rsa2048 rsa2048
Max. PIN lengths .: 64 64 64
PIN retry counter : 3 0 3
Signature counter : 4
KDF setting ......: off
Signature key ....: 0880 352D F31B 5AED 8E90 FC5B 0650 0BB7 D65F 4BE3
created ....: 2024-05-11 15:18:52
Encryption key....: 3E6E 4F1D 541F 9BD8 CEF7 C01C EE22 0666 1921 411A
created ....: 2024-05-11 15:18:52
Authentication key: 1274 5D73 CDA7 69B5 979D 2FE9 5E3B 2EB2 1466 6396
created ....: 2024-05-11 15:18:52
General key info..: pub rsa2048/06500BB7D65F4BE3 2024-05-11 Matthias Apitz (OpenPGP card)
<guru@unixarea.de>
sec> rsa2048/06500BB7D65F4BE3 created: 2024-05-11 expires: never
card-no: 0005 0000CF41
ssb> rsa2048/5E3B2EB214666396 created: 2024-05-11 expires: never
card-no: 0005 0000CF41
ssb> rsa2048/EE2206661921411A created: 2024-05-11 expires: never
card-no: 0005 0000CF41
I could do the generate command again because the keys are still no in use.
Older cards in the dialog were asking (as my older write-ups show):
…
What keysize do you want for the Signature key? (2048) 4096
The card will now be re-configured to generate a key of 4096 bits
…
How can i force keysize 4094?