diff options
author | drduh <doc@duh.to> | 2018-06-05 10:08:02 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-06-05 10:08:02 -0700 |
commit | 254fd2c3d2a052d275a593b62c7d7c997d43b7c7 (patch) | |
tree | 8a3bc59f4d70debdd73d202c57cd13e31ed4740f /README.md | |
parent | Merge pull request #59 from jholtmann/windows (diff) | |
download | YubiKey-Guide-254fd2c3d2a052d275a593b62c7d7c997d43b7c7.tar.gz |
Formatting fix.
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 12 |
1 files changed, 6 insertions, 6 deletions
@@ -381,7 +381,6 @@ Finally, create an [authentication key](https://superuser.com/questions/390265/w GPG doesn't provide a 'RSA (authenticate only)' key type out of the box, so select 'RSA (set your own capabilities)' and toggle the required capabilities to end up with an Authenticate-only key: -``` gpg> addkey Please select what kind of key you want: (3) DSA (sign only) @@ -467,7 +466,6 @@ GPG doesn't provide a 'RSA (authenticate only)' key type out of the box, so sele gpg> save - ## 3.6 Check your work List your new secret keys: @@ -503,7 +501,6 @@ Save a copy of your keys: $ gpg --armor --export-secret-keys $KEYID > $GNUPGHOME/mastersub.key $ gpg --armor --export-secret-subkeys $KEYID > $GNUPGHOME/sub.key - The exported (primary) key will still have the passphrase in place. In addition to the backup below, you might want to keep a separate copy of the @@ -616,12 +613,13 @@ Create a filesystem: Writing superblocks and filesystem accounting information: done Mount the filesystem: + $ sudo mkdir /mnt/usb $ sudo mount /dev/mapper/encrypted-usb /mnt/usb Finally, copy files to it: - $ sudo cp -avi $GNUPGHOME /mnt/usb + $ sudo cp -avi $GNUPGHOME /mnt/usb ‘/tmp/tmp.aaiTTovYgo’ -> ‘/mnt/usb/tmp.aaiTTovYgo’ ‘/tmp/tmp.aaiTTovYgo/revoke.txt’ -> ‘/mnt/usb/tmp.aaiTTovYgo/revoke.txt’ ‘/tmp/tmp.aaiTTovYgo/gpg.conf’ -> ‘/mnt/usb/tmp.aaiTTovYgo/gpg.conf’ @@ -635,6 +633,7 @@ Finally, copy files to it: ‘/tmp/tmp.aaiTTovYgo/pubring.gpg’ -> ‘/mnt/usb/tmp.aaiTTovYgo/pubring.gpg’ Keep the backup mounted if you plan on setting up two or more keys (as `keytocard` will [delete](https://lists.gnupg.org/pipermail/gnupg-users/2016-July/056353.html) the local copy on save), otherwise unmount and disconnected the encrypted USB drive: + $ sudo umount /mnt/usb $ sudo cryptsetup luksClose encrypted-usb @@ -651,6 +650,7 @@ YubiKey NEOs shipped after November 2015 have [all modes enabled](https://www.yu Older versions of the YubiKey NEO may need to be reconfigured as a composite USB device (HID + CCID) which allows OTPs to be emitted while in use as a smart card. Plug in your YubiKey and configure it: + $ ykpersonalize -m82 Firmware version 4.2.7 Touch level 527 Program sequence 4 @@ -672,8 +672,8 @@ Use the [YubiKey NEO Manager](https://www.yubico.com/products/services-software/ ## 3.10 Configure smartcard Use GPG to configure YubiKey as a smartcard: - $ gpg --card-edit + $ gpg --card-edit Reader ...........: Yubico Yubikey 4 OTP U2F CCID Application ID ...: D2760001240102010006055532110000 Version ..........: 2.1 @@ -1399,4 +1399,4 @@ The Yubikey has two configurations, one invoked with a short press, and the othe <https://alexcabal.com/creating-the-perfect-gpg-keypair/> -<https://www.void.gr/kargig/blog/2013/12/02/creating-a-new-gpg-key-with-subkeys/>
\ No newline at end of file +<https://www.void.gr/kargig/blog/2013/12/02/creating-a-new-gpg-key-with-subkeys/> |