1

I have a YubiKey (with PGP smartcard function) with my PGP key on it. I did not replace the private key on my main PC with a stub key as keytocard does by default, so I can still use the PGP key with a passphrase without using the YubiKey.

But when the full private key is still in the keyring, gpg does not use the YubiKey when it is present. Can I force gpg to use it when it is plugged in, while using my passphrase to unlock the key on the PC when the keycard is not available?

allo
  • You could probably put the full private key on a separate keyring so that it's available if you don't have the YubiKey, but then you'd have to specify the keyring to use it. – nbering Apr 08 '18 at 15:12

1 Answer

2

I do not believe there is a way to do it, because the key record in the GnuPG keyring needs to indicate that the key is on the card -- only then will gpg try to connect to it. You can make a full recursive copy of your gnupg directory into another location (e.g. $HOME/.gnupg-backup) and then perform keytocard. This will delete the key from your $HOME/.gnupg main dir, but if for some reason you need to resort to the local copy of your key, you can set an environment variable export GNUPGHOME=$HOME/.gnupg-backup to force gnupg to use the backup location containing the private key.

mricon
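
The backup-homedir approach from the answer above, sketched as an added shell example that is not part of the original post. The function names (backup_gnupg_home, card_present, select_gnupg_home, gpg_auto) and the MAIN_HOME/BACKUP_HOME variables are hypothetical; it assumes gpg --card-status exits non-zero when no card is reachable.

```sh
#!/bin/sh
# Added example: variable and function names are assumptions, not GnuPG's.
MAIN_HOME="${MAIN_HOME:-$HOME/.gnupg}"             # holds card stubs after keytocard
BACKUP_HOME="${BACKUP_HOME:-$HOME/.gnupg-backup}"  # holds the full private key

# Run once, BEFORE keytocard: recursive copy, readable by the owner only.
backup_gnupg_home() {
    if [ -e "$BACKUP_HOME" ]; then
        echo "refusing to overwrite existing $BACKUP_HOME" >&2
        return 1
    fi
    ( umask 077 && cp -R -p "$MAIN_HOME" "$BACKUP_HOME" ) || return 1
    chmod -R go-rwx "$BACKUP_HOME"
}

# True when gpg can talk to a smartcard. This only shows that *a* card is
# reachable, not that it carries the key you are about to use.
card_present() {
    gpg --homedir "$MAIN_HOME" --card-status >/dev/null 2>&1
}

# Print the homedir to use: stub keyring with the card, backup without it.
select_gnupg_home() {
    if card_present; then
        printf '%s\n' "$MAIN_HOME"
    elif [ -d "$BACKUP_HOME" ]; then
        printf '%s\n' "$BACKUP_HOME"
    else
        echo "no card reachable and no backup homedir found" >&2
        return 1
    fi
}

# Wrapper: gpg_auto --sign file.txt
gpg_auto() {
    _gnupg_home=$(select_gnupg_home) || return 1
    GNUPGHOME="$_gnupg_home" gpg "$@"
}
```

The backup homedir holds a passphrase-protected copy of the same private key that is on the card, so it deserves the same care as any other offline key backup.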