Last year, I followed this guide to create two GnuPG Smart Cards; one card with the Primary Key and the other card with the Sub-keys.
I noticed that the sub keys were close to expiring so I renewed them and sent them to the sub-key Smart Card and saved the new luks image back to a USB.
My questions are:
- What is the proper way to update the sub-keys on a keyserver? Apparently, the key that I uploaded to http://pgp.mit.edu has the Primary key's ID but shows the sub-keys with the old expiration date.
- Will I be able to decrypt anything that was encrypted with the old sub-keys? Or use any of the other functions from the old sub-keys (Sign, Encrypt, Authenticate)?
I ask #2 because I was using the sub-key card for SSH Authentication and had to re-run ssh-copy-id for each server. I noticed the output of ssh-add -L had different output as well.
Thankfully, I haven't encrypted anything important with the old sub-keys but I was hoping to understand the process before committing to using it.
I'm running Debian 9.5 (Stretch) with gpg (GnuPG) 2.1.18.
