Smart card + GnuPG: what is stored in my keyring/how to adopt smart card?

You need to run:

gpg --card-status

and gpg will do it for you:

/tmp$ mkdir gpgtmp
/tmp$ chmod go-rwx gpgtmp

/tmp$ GNUPGHOME=/tmp/gpgtmp gpg --keyserver pgp.mit.edu --recv F8713BDF 
gpg: keyring ‘/tmp/gpgtmp/secring.gpg’ created
gpg: keyring ‘/tmp/gpgtmp/pubring.gpg’ created
gpg: requesting key F8713BDF from hkp server pgp.mit.edu
WARNING: gnome-keyring:: couldn't connect to: /run/user/robin/keyring-55e9Rg/pkcs11: No such file or directory
gpg: /tmp/gpgtmp/trustdb.gpg: trustdb created
gpg: key F8713BDF: public key “Robin Sheat <[email protected]>” imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)

/tmp$ GNUPGHOME=/tmp/gpgtmp gpg --list-secret
*nothing here*

/tmp$ GNUPGHOME=/tmp/gpgtmp gpg --card-status
*snip boring card info*
General key info..: pub  2048R/F8713BDF 2013-09-24 Robin Sheat <[email protected]>
sec>  2048R/F8713BDF  created: 2013-09-24  expires: never
*etc*

/tmp$ GNUPGHOME=/tmp/gpgtmp gpg --list-secret
/tmp/gpgtmp/secring.gpg
-----------------------
sec>  2048R/F8713BDF 2013-09-24
      Card serial no. = ....
uid                  Robin Sheat <[email protected]>
*etc*

When you start with a fresh installation, you have two options:

  1. Plug in the smart card (Yubikey) and run

    gpg --card-edit
    fetch
    quit

    Then run gpg with the --card-status option to create the stubs for the secret keys:

    gpg --card-status

  2. Import your public key from a key server (the fetch command above does the same automatically), then run

    gpg --card-status

The methods only differ in the way the public key is imported, i.e. automatically or manually.
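As an added example (not code from either answer above), the following POSIX shell script turns the "what is actually in my keyring now?" question into a repeatable check. It parses the machine-readable listing from gpg --with-colons --list-secret-keys and reports, for every secret key and subkey, whether it is a stub pointing at a card (what the answers show as sec>/ssb>), a stub with no secret at all (sec#), or real secret key material sitting in the keyring. The field numbering (field 15 of a sec/ssb record holding the token serial number, '#' or nothing) is taken from GnuPG's doc/DETAILS and is an assumption of this script; the sample listing, key IDs, serial number and user ID are constructed for the demonstration and are not real keys. The adopt_card_in_fresh_home function scripts the fresh-installation procedure from the answers and needs gpg and the card plugged in, so the sample run at the bottom does not call it.

```sh
#!/bin/sh
# Added example: inspect what a GnuPG keyring holds after adopting a smart card.
# Assumption: in `gpg --with-colons` output, field 15 of a sec/ssb record is the
# token serial number when the key lives on a card, '#' when no secret key is
# available, and empty when the secret key itself is in the keyring (doc/DETAILS).

# classify_secret_keys: read `gpg --with-colons --list-secret-keys` on stdin and
# print "<sec|ssb> <long key id> <where>" for every secret (sub)key.
classify_secret_keys() {
    awk -F: '
        $1 == "sec" || $1 == "ssb" {
            where = "in-keyring"                         # real secret material in the keyring
            if ($15 == "#")      where = "stub-no-secret" # shown by gpg as sec# / ssb#
            else if ($15 != "")  where = "on-card:" $15   # shown by gpg as sec> / ssb>
            print $1, $5, where
        }'
}

# count_on_card: how many of the listed secret keys are stubs pointing at a card.
count_on_card() {
    classify_secret_keys | awk '$3 ~ /^on-card:/ { n++ } END { print n + 0 }'
}

# keyring_is_card_only: exit 0 only if there is at least one secret key and every
# one of them is a card stub, i.e. losing this directory loses no private key.
keyring_is_card_only() {
    classify_secret_keys |
        awk '$3 !~ /^on-card:/ { bad = 1 } { n++ } END { exit (n == 0 || bad) }'
}

# adopt_card_in_fresh_home: the procedure from the answers, scripted.
# $1 = new GNUPGHOME directory, $2 = file containing your exported public key.
# Requires gpg and the card to be present; not run by the sample below.
adopt_card_in_fresh_home() {
    mkdir -p "$1" && chmod 700 "$1"
    GNUPGHOME="$1" gpg --batch --import "$2"              # or: gpg --card-edit, then "fetch"
    GNUPGHOME="$1" gpg --batch --card-status >/dev/null    # creates the sec>/ssb> stubs
    GNUPGHOME="$1" gpg --batch --with-colons --list-secret-keys | keyring_is_card_only
}

# Constructed sample listing (not real keys): one key whose primary and subkey live
# on a card, and one key whose primary is offline (#) with an on-disk signing subkey.
SAMPLE_COLONS='sec:-:2048:1:0123456789ABCDEF:1379980800:::-:::scESC:::D2760001240102010006012345670000::
uid:-::::1379980800::0000000000000000000000000000000000000000::Example User <[email protected]>::::::::::0:
ssb:-:2048:1:FEDCBA9876543210:1379980800::::::e:::D2760001240102010006012345670000::
sec:-:4096:1:0011223344556677:1379980800:::-:::cESC:::#::
ssb:-:4096:1:7766554433221100:1379980800::::::s:::::'

# Sample run; for a live keyring use:
#   gpg --batch --with-colons --list-secret-keys | classify_secret_keys
printf '%s\n' "$SAMPLE_COLONS" | classify_secret_keys
```

On the sample the first two keys come back as on-card with the card's serial number, the offline primary as stub-no-secret, and the last subkey as in-keyring, which is the one case where losing the directory loses a private key. In a fresh GNUPGHOME set up as the answers describe, keyring_is_card_only should succeed right after gpg --card-status has run.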


When you set up a key-pair on a smart card, all the data needed for encryption, decryption and signing operations is stored on the card. Therefore, even after the loss of your keyring, you will be able to perform these operations by simply having your smart card to hand.

I recommend you don't simply take my word for it, though, and experiment yourself. Reconfigure GPG to look at an empty keyring directory and try to decrypt your important files using the smart card. You may need to import the certificates from the card to your keyring first; those steps depend on what key manager you're using.