aboutsummaryrefslogtreecommitdiffstatshomepage
Commit message (Collapse)AuthorAgeFilesLines
* Additional troubleshooting step and openbsd notedrduh2018-04-291-1/+7
|
* Merge pull request #56 from micha3lbrown/remove-invalid-configdrduh2018-03-211-2/+0
|\ | | | | Remove invalid config from gpg.conf
| * Remove outdated config from gpg.confMichael Brown2018-03-211-2/+0
|/ | | | | | Removing configuration paramaters no longer supported in GPG 2.X Related to #28
* Merge pull request #55 from analogist/masterdrduh2018-03-141-1/+15
|\ | | | | add explicit public key naming for IdentitiesOnly usage
| * add explicit public key naming for IdentitiesOnly usageJames Wu2018-03-141-1/+15
|/
* Merge pull request #54 from W1lkins/hopenpgp-tools-macosdrduh2018-03-051-1/+1
|\ | | | | Install hopenpgp-tools with brew
| * install hopenpgp-tools as it is used in section ↵W1lkins2018-03-031-1/+1
|/ | | | https://github.com/drduh/YubiKey-Guide\#check-your-work where an apt-get command is listed
* Merge pull request #53 from knaggit/patch-1drduh2018-02-261-0/+4
|\ | | | | Change rights of 'gpg.conf' to avoid warning
| * Change rights of 'gpg.conf' to avoid warningMarjan Grabowski2018-02-261-0/+4
|/
* Merge pull request #51 from slurms/patch-1drduh2018-02-251-1/+1
|\ | | | | Use gpgconf to get the SSH auth socket.
| * Use gpgconf to get the ssh auth sock.Nick Sandford2018-02-251-1/+1
|/
* Merge pull request #50 from peckeltw/masterdrduh2018-02-221-5/+0
|\ | | | | remove not need keyserver certificate, see https://github.com/drduh/Y…
| * remove not need keyserver certificate, see ↵Philipp Eckel2018-02-221-5/+0
| | | | | | | | https://github.com/drduh/YubiKey-Guide/issues/48
* | Merge pull request #47 from peckeltw/masterdrduh2018-01-301-1/+0
|\| | | | | remove outdated use-standard-socket option from SSH config, see here:…
| * remove outdated use-standard-socket option from SSH config, see here: ↵Philipp Eckel2018-01-301-1/+0
|/ | | | https://www.gnupg.org/documentation/manuals/gnupg/Agent-Options.html
* Formatting nitdrduh2018-01-161-4/+1
|
* Formatting fixdrduh2017-12-211-1/+2
|
* Merge pull request #42 from kiralex/masterdrduh2017-12-181-0/+6
|\ | | | | Fix ssh-agent does not work on archlinux
| * Update README.mdkiralex2017-12-181-1/+2
| |
| * fix ssh-agent does not work on archlinuxkiralex2017-12-181-0/+5
|/
* Mention ssh multiplex to ease multiple connectionsdrduh2017-12-181-0/+2
|
* Describe status if public key not imported, fix #6drduh2017-12-181-0/+2
|
* Reference paper backup instructions, fix #3drduh2017-12-181-2/+4
|
* Document error from Debian 9drduh2017-12-141-0/+2
|
* Document ssh-add errordrduh2017-12-141-0/+2
|
* Merge pull request #40 from peckeltw/masterdrduh2017-12-121-1/+3
|\ | | | | emphasize 2048 bit as the correct key size for the YubiKey Neo
| * emphasize 2048 bit as the correct key size for the YubiKey NeoPhilipp Eckel2017-12-121-1/+3
| |
* | Merge pull request #38 from peckeltw/masterdrduh2017-11-101-1/+1
|\| | | | | fix exporting KEYID
| * fix exporting KEYIDPhilipp Eckel2017-11-101-1/+1
|/
* Merge pull request #34 from bdlow/masterdrduh2017-10-091-239/+196
|\ | | | | Updates for gpg 2.2.1, and also macOS support
| * Whitespace fixes.Ben Low2017-10-101-51/+51
| |
| * Updated to gpg 2.2.1, and added some macOS references.Ben Low2017-10-101-286/+243
|/
* Merge pull request #33 from aleksandr-vin/masterdrduh2017-09-251-1/+1
|\ | | | | Replace hkt with gpg to fix unsupported GnuPG 2.1
| * Replace hkt with gpg to fix unsupported GnuPG 2.1Aleksandr Vinokurov2017-09-231-1/+1
|/ | | | | | hkt does not support GnuPG 2.1 because it expects gpg pubring. But the export can be done by gpg itself.
* Merge pull request #31 from brendan-rius/patch-1drduh2017-08-141-1/+1
|\ | | | | Make hkt respect custom $GNUPGHOME
| * Make hkt respect custom $GNUPGHOMEBrendan Rius2017-08-131-1/+1
|/
* Merge pull request #25 from dlakomski/masterdrduh2017-05-121-0/+3
|\ | | | | Add information about composite USB mode on YK with firmware >=3.3
| * Add information about composite USB mode on YK with firmware >=3.3Dawid Łakomski2017-05-121-0/+3
|/
* Use require-cross-certification option. Fix #14.drduh2016-09-251-0/+1
|
* Plug in YubiKey correctly. Fix #9.drduh2016-09-251-1/+3
|
* Merge pull request #24 from wsargent/patch-3drduh2016-09-251-0/+2
|\ | | | | Use AES256 for private key password encryption
| * Use AES256 for private key password encryptionWill Sargent2016-09-241-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds ``` s2k-cipher-algo AES256 ``` to the GPG configuration, per https://pthree.org/2015/11/19/your-gnupg-private-key/ > --s2k-cipher-algo name > Use name as the cipher algorithm used to protect secret keys. The default cipher is CAST5. This cipher is also used for symmetric encryption with a passphrase if --personal-cipher-preferences and --cipher-algo is not given. https://www.gnupg.org/documentation/manuals/gnupg-2.0/OpenPGP-Options.html#index-s2k_002dcipher_002dalgo
* | Merge pull request #23 from wsargent/patch-2drduh2016-09-251-2/+2
|\ \ | |/ |/| Use signing subkey
| * Use signing subkeyWill Sargent2016-09-231-2/+2
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The signature was made using `0xBECFA3C1AE191D15`, and has to be used with the signing key, not the root key. I can verify this with my own key -- using the keyid doesn't work: ``` ~  echo "$(uname -a)" | gpg --armor --clearsign --default-key 0xB1A9D5A2A605F794 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Linux Puget-153699 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 15:42:33 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJX5aWdAAoJECaAG7YBLqXZi1EP/3R4oOdkXqZXcskwzfjBXa68 oZeKxTB8i74tSPXp0SL26+ULOQ6GRJdIFod2MQtqfjeu6dyNEbIBF1pHWnyLx4Bn p/+ROoOTiBSFEWPts++yYhmo0tS0cXPv6QPCYqj4mPkJe6u8wVp5hkoyujL/k9bs cAZSbeyV/hggS0rFTN4/5AeUky4LJPrWYkAiln7D0PVQeZc6DFlDpeup1Az7hWV5 ImRglAfoacNq+0LWslnc51/4knFGC/k4RS/QAyfUNJG/yy/ZZs6FNc7FjyZkw87E yRqqSPkuL64BmzNxmfKnwgMAesaq8D674lRb7b9TC8sQuuelcbgPkCCDioRmCSWh +NIe+pwWLIXHSwQntO2FblGFL+IeDYBZy3P5nO+N12EHn2oS2psep04STq5cjRaa PTMopcDsThzXljn8b6p+Iu2BaFiMkEwpAD8f0knR4DZzorpgMjIV0mEdeDuTzC1L dPHc7uZsTSSTEgxm7JO8x1h3hfwqX+KvVhmo0SgvwexqsmH7+b6j948RPGSCGBys wS8HEQgzgznQYSxqnCHvuDT9cIuyuCi9BZfqvRy3NSa+ixKMHJ4n2rFWlw8WbvTm tKFumm2z3z9JkijzJFj4sHETebaa2ip/TxeQvhFD/jEBB1XaqneDw1UaRll+6auA K6naZ0LzZx2cOzJpn4xN =TVTZ -----END PGP SIGNATURE----- ~  ~  gpg gpg: Go ahead and type your message ... -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Linux Puget-153699 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 15:42:33 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJX5aWdAAoJECaAG7YBLqXZi1EP/3R4oOdkXqZXcskLinux Puget-153699 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 15:42:33 UTC 2016 x86_64 x86_64 x86_64 GNU/LinuxwzfjBXa68 oZeKxTB8i74tSPXp0SL26+ULOQ6GRJdIFod2MQtqfjeu6dyNEbIBF1pHWnyLx4Bn p/+ROoOTiBSFEWPts++yYhmo0tS0cXPv6QPCYqj4mPkJe6u8wVp5hkoyujL/k9bs cAZSbeyV/hggS0rFTN4/5AeUky4LJPrWYkAiln7D0PVQeZc6DFlDpeup1Az7hWV5 ImRglAfoacNq+0LWslnc51/4knFGC/k4RS/QAyfUNJG /yy/ZZs6FNc7FjyZkw87E yRqqSPkuL64BmzNxmfKnwgMAesaq8D674lRb7b9TC8sQuuelcbgPkCCDioRmCSWh +NIe+pwWLIXHSwQntO2FblGFL+IeDYBZy3P5nO+N12EHn2oS2psep04STq5cjRaa PTMopcDsThzXljn8b6p+Iu2BaFiMkEwpAD8f0knR4DZzorpgMjIV0mEdeDuTzC1L dPHc7uZsTSSTEgxm7JO8x1h3hfwqX+K vVhmo0SgvwexqsmH7+b6j948RPGSCGBys wS8HEQgzgznQYSxqnCHvuDT9cIuyuCi9BZfqvRy3NSa+ixKMHJ4n2rFWlw8WbvTm tKFumm2z3z9JkijzJFj4sHETebaa2ip/TxeQvhFD/jEBB1XaqneDw1UaRll+6auA K6naZ0LzZx2cOzJpn4xN =TVTZ -----END PGP SIGNATURE----- gpg: Signature made Fri 23 Sep 2016 02:58:53 PM PDT gpg: using RSA key 0x26801BB6012EA5D9 gpg: BAD signature from "Will Sargent <will.sargent@lightbend.com>" [ultimate] ``` but using the signing key does work: ``` ✘  ~  echo "$(uname -a)" | gpg --armor --clearsign --default-key 0x26801BB6012EA5D9 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Linux Puget-153699 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 15:42:33 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJX5aagAAoJECaAG7YBLqXZvZwP/21yoEQ3hI9hP0QyrFJu/T/0 sD9Y+DGQHBU5WaII3/iVgBN2V3EQwlzX8dP4/LfTm7NQ0M2flgbPbqf/rUYLQQZg lO489XbI78kk80b3kDebkautN5rQhkU0ZAy/WfDdKmwGnF1hEXzYqEwI5S0tGddT cKt0U3cZ0XuOI7pdtSOD423tNV4l45sIAT/ndAsgpbzT0ZTkza65V/RHWqGQDDT1 VB6WKmuqOca1gTDYGlW5yITfOqdWjB30ljLjuOjFJjcOunJQmlSRDMGyjfdzF3ec X1/+vLKnI0M2ipFaxKTtjdCTo8+26wjExdGca6Sy8v9M0zBjA2vgCGBTwCpXkMQE 4HFZ6N0+6k/3icyNALJhHSRkApNom3ZqINntDNNcN/tyHZVUijb5/hfv7W4D5LSe 8b1/UbF/R46w21sgR4Rzfv5EsbZkkjWx65hTXYWByf4PqZ7NiJJGbETpPC8wSc+4 oZNk9SLZunzE2Gemk2CXu7VXR58BIP014FHjU4FN7k54ZGn7IzU2xfKCZ+se7pFh SzWIrDhZP5vsbCMbh4HzD4WFPLteNOdV+nkHi4iaSXc7UQfdgZIeKb2ljbjJTmN4 fyi/Zjk0+29pwB+W5iWD4AoKqzSsHMCrK73KRyAHcFaHOHILl8grG0GsfJmPGHCz Mm3O7IH5is7ZkvOmbUMY =jQY+ -----END PGP SIGNATURE----- ~  gpg gpg: Go ahead and type your message ... -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Linux Puget-153699 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 15:42:33 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJX5aagAAoJECaAG7YBLqXZvZwP/21yoEQ3hI9hP0QyrFJu/T/0 sD9Y+DGQHBU5WaII3/iVgBN2V3EQwlzX8dP4/LfTm7NQ0M2flgbPbqf/rUYLQQZg lO489XbI78kk80b3kDebkautN5rQhkU0ZAy/WfDdKmwGnF1hEXzYqEwI5S0tGddT cKt0U3cZ0XuOI7pdtSOD423tNV4l45sIAT/ndAsgpbzT0ZTkza65V/RHWqGQDDT1 VB6WKmuqOca1gTDYGlW5yITfOqdWjB30ljLjuOjFJjcOunJLinux Puget-153699 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 15:42:33 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux QmlSRDMGyjfdzF3ec X1/+vLKnI0M2ipFaxKTtjdCTo8+26wjExdGca6Sy8v9M0zBjA2vgCGBTwCpXkMQE 4HFZ6N0+6k/3icyNALJhHSRkApNom3ZqINntDNNcN/tyHZVUijb5/hfv7W4D5LSe 8b1/UbF/R46w21sgR4Rzfv5EsbZkkjWx65hTXYWByf4PqZ7NiJJGbETpPC8wSc+4 oZNk9SLZunzE2Gemk2CXu7VXR58BIP014FHjU4FN7k54ZGn7IzU2xfKCZ+se7pFh SzWIrDhZP5vsbCMbh4HzD4WFPLteNOdV+nkHi4iaSXc7UQfdgZIeKb2ljbjJTmN4 fyi/Zjk0+29pwB+W5iWD4AoKqzSsHMCrK73KRyAHcFaHOHILl8grG0GsfJmPGHCz Mm3O7IH5is7ZkvOmbUMY =jQY+ -----END PGP SIGNATURE----- gpg: Signature made Fri 23 Sep 2016 03:03:12 PM PDT gpg: using RSA key 0x26801BB6012EA5D9 gpg: Good signature from "Will Sargent <will.sargent@lightbend.com>" [ultimate] gpg: aka "Will Sargent <will.sargent@gmail.com>" [ultimate] Primary key fingerprint: 75E4 E7F9 1D18 D981 3028 64B1 B1A9 D5A2 A605 F794 Subkey fingerprint: ADB3 1ED0 EC01 44AF 8301 320D 2680 1BB6 012E A5D9 ```
* Merge pull request #20 from wsargent/patch-1drduh2016-09-221-0/+6
|\ | | | | Add instructions for installing gnupg-curl
| * Add $Will Sargent2016-09-221-1/+1
| |
| * Add instructions for installing gnupg-curlWill Sargent2016-09-211-0/+6
|/ | | Fixes https://github.com/drduh/YubiKey-Guide/issues/5
* Merge pull request #17 from wsargent/patch-1drduh2016-09-201-0/+11
|\ | | | | Add key checking
| * Prepend $Will Sargent2016-09-201-2/+2
| |
| * Add key checkingWill Sargent2016-09-201-0/+11
|/
generated by cgit, for Dennis Eriksen