From 9309658d39f8bb7ffc29eb1832266a42d038be09 Mon Sep 17 00:00:00 2001
From: Heiko Schaefer <heiko@schaefer.name>
Date: Fri, 5 Aug 2022 22:48:53 +0200
Subject: [PATCH] Document password entry for opgpcard key import.

---
 tools/README.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/tools/README.md b/tools/README.md
index e475f6a..48ca007 100644
--- a/tools/README.md
+++ b/tools/README.md
@@ -401,6 +401,12 @@ $ opgpcard admin --card ABCD:01234567 -P <admin-pin-file> import key.priv \
 When fingerprints are only specified for a subset of the roles, no keys will
 be imported for the other roles.
 
+If the private (sub)keys in the import file are password protected, the user will be prompted to enter
+the password. If (sub)keys are encrypted with different passwords, the user will be prompted multiple times.
+(Background: OpenPGP keys can be password protected when they are stored in files, but on an OpenPGP card
+the keys always exist in unencrypted form. Therefore, they need to be decrypted for import.)
+
+
 #### Generate Keys on the card
 
 Key generation needs both the Admin PIN and the User PIN (the User PIN is needed to export the new key as a public key).