Commit message (Collapse) | Author | Files | Lines | ||
---|---|---|---|---|---|
2021-05-01 | Add hint re. (new) `ssh-keygen -t ed25519-sk` | Michael Vorburger ⛑️ | 1 | -0/+2 | |
2021-03-24 | Update usage of ykman | Willi Schönborn | 1 | -6/+6 | |
Fixes the following warning: WARNING: The use of this command is deprecated and will be removed! Replace with: ykman openpgp keys set-touch | |||||
2021-02-04 | Update README.md | berwag | 1 | -1/+1 | |
2021-01-28 | Update README.md | berwag | 1 | -1/+1 | |
changed wording according to yubischiess' comment | |||||
2021-01-27 | Additions to "Required Software" | berwag | 1 | -0/+6 | |
proposed change according to Issue#215 | |||||
2021-01-13 | Fix: "quit" to save -> "save" to save | Andreas Klöckner | 1 | -1/+1 | |
2021-01-10 | add fish config | basbebe | 1 | -0/+7 | |
2021-01-10 | Add SSH setup for macOS GUI applications | basbebe | 1 | -2/+61 | |
On macOS, a LaunchAgent needs to be created to overwrite the system's SSH agent. see https://github.com/drduh/YubiKey-Guide/issues/229 | |||||
2020-12-25 | Adds warning about PUK being default | Nemo | 1 | -1/+3 | |
2020-12-25 | Adds instructions on changing the PUK | Nemo | 1 | -3/+25 | |
2020-12-24 | Rephrase one sentence according to one comment on drduh/YubiKey-Guide#225 | Zenithal | 1 | -1/+1 | |
2020-12-24 | Add subsections on chained agent forwarding | Zenithal | 1 | -4/+35 | |
2020-12-03 | Add note on chained agent forwarding | Zenithal | 1 | -0/+4 | |
2020-12-03 | Correct WSL agent forwarding | Zenithal | 1 | -4/+8 | |
This is a mix of two forwarding method, this commit separates them | |||||
2020-12-03 | Change note in alter agent section | Zenithal | 1 | -1/+2 | |
Different methods have different requirements | |||||
2020-12-03 | Add new method for ssh-agent forwarding | Zenithal | 1 | -4/+45 | |
2020-12-03 | Add details to GPG-Agent forward; Alter structure | Zenithal | 1 | -56/+73 | |
GPG Agent forwarding has a broader usage, not only limited to ssh-agent forwarding. In this commit gpg-agent forwarding is raised as a separate section as it can not be contained by #SSH any longer. More details are added for gpg-agent forwarding, including some important notes taken from practice and analysis. For ssh-agent forward, older method are contained, and new method will be included as framework has been structured. | |||||
2020-12-02 | Change format of important notes in mutt subsection | Zenithal | 1 | -1/+1 | |
2020-12-02 | Add Mutt subsection in Email section | Zenithal | 1 | -0/+9 | |
2020-12-02 | Add Mutt in Email intro | Zenithal | 1 | -1/+1 | |
2020-11-14 | Fix reset command | Nemo | 1 | -1/+1 | |
gpg-connect-agent uses `-r/--run` not `-R` | |||||
2020-10-31 | Change edit to create or edit | Jean-Paul van Ravensberg | 1 | -1/+1 | |
As gpg-agent.conf didn't exist on my system | |||||
2020-10-31 | Add PowerShell command to get YubiKey name | Jean-Paul van Ravensberg | 1 | -2/+9 | |
2020-09-25 | Update verification of Debian ISO to not hardcode the version. | Anthony Muller | 1 | -2/+2 | |
2020-09-25 | Change Debian ISO url to be generated from the contents of SHA512SUM. | Anthony Muller | 1 | -2/+2 | |
This removes the need to maintain the version number, which is currently out of date. | |||||
2020-09-17 | Fix links with parentheses | andy | 1 | -2/+2 | |
2020-09-01 | unset GNUPGHOME variable | Rudy Gevaert | 1 | -0/+2 | |
if not done, in the next step you get error: gpg: keyblock resource '/home/..../gnupg-workspace/pubring.kbx': No such file or directory gpg: no writable keyring found: Not found | |||||
2020-08-29 | Add option to retrieve additionaly entropy from YubiKey itself | Mirko Vogt | 1 | -0/+13 | |
2020-08-26 | change defaults and add info to #Require touch | Amolith | 1 | -3/+35 | |
As mentioned in #197, the previous behaviour would require users to touch their key any time an authentication, signing, or encryption operation was performed. In some situations, this behaviour would be undesirable and the only way to revert it would be fully resetting the key and starting from scratch. Rather than using `fixed`, this commit simply turns the feature `on` so the user can change it later if they wish. Additionally, a note about the other policies was included so users can decide for themselves which fits their situation better. | |||||
2020-08-22 | Update README.md | bengim | 1 | -0/+2 | |
fixing wrong cryptography version by explicitly installing PyOpenSSL | |||||
2020-08-21 | Python2 is EOL, update packages/references to Py3 | dragon788 | 1 | -3/+3 | |
2020-08-14 | Correct spelling | Stefano Figura | 1 | -3/+3 | |
2020-08-14 | Update wording | Stefano Figura | 1 | -1/+3 | |
Ensure that is clear that we do not need to modify keys or even plug the yubikey | |||||
2020-08-13 | Update notation section | Stefano Figura | 1 | -1/+1 | |
2020-08-13 | Add notations section | Stefano Figura | 1 | -0/+25 | |
2020-08-11 | Fix usage inconsistency | b1f6c1c4 | 1 | -5/+5 | |
Master key shall only be used to certify other keys. The usage indicator in README.md is inconsistently shown as SC and C. | |||||
2020-05-27 | Set touch policy to fixed. | Kenny MacDermid | 1 | -3/+3 | |
Setting the touch policy to `on` does not prevent the policy from later being turned off again. Setting it to `fixed` is more secure because it can not be turned off. If someone wants to disable the touch policy they can always restore the keys from the backups created in the guide. | |||||
2020-05-27 | Add information on potential PIN issues and how to debug them | Sebastian Schmieschek | 1 | -2/+5 | |
I missed the error message when attempting to set a PIN of only 5 characters due to the UI repeating the options below it. Pinentry happily stores the bogus PIN and even counts down the retry counter when entering the correct (default) one. This can be resolved by unblocking the PIN. Once I ran the gpg-agent with debug output (a tip found in the added link), the issue was obvious. | |||||
2020-05-25 | Stack rank secure environment and add a few tips | drduh | 1 | -19/+42 | |
2020-05-24 | Fix order of revocation command. | Max Mäusezahl | 1 | -1/+1 | |
According to 'man gpg' the order of arguments should be gpg [--homedir name] [--options file] [options] command [args] In this case '--gen-revoke' is the command, '$KEYID' is an argument and '--output $GNUPGHOME/revoke.asc' is an option. Previously this was incorrect (option came first) and would spawn an error. | |||||
2020-05-17 | Include --expert when editing master key | Mike Mazur | 1 | -1/+1 | |
This is specifically during setup when rotating keys. | |||||
2020-05-04 | Fix broken anchor | Vladyslav Krylasov | 1 | -5/+5 | |
There are two anchors with the same name and this breaks navigation. | |||||
2020-05-04 | Clarified wording | Jason Stelzer | 1 | -1/+1 | |
2020-05-04 | GPG keys on multiple computers | Jason Stelzer | 1 | -0/+1 | |
I feel like this took me longer to figure out than it should have. | |||||
2020-05-03 | Address throw-keyids issue with mailvelope to fix #178 | drduh | 1 | -14/+18 | |
2020-05-03 | Split export pubkey from backup to fix #175 | drduh | 1 | -86/+95 | |
2020-05-03 | Disambiguate backup volume label to fix #176. | drduh | 1 | -77/+127 | |
2020-04-29 | Describe card serial number error | Vladyslav Krylasov | 1 | -28/+15 | |
2020-04-28 | Describe ykman PGP keys reset | Vladyslav Krylasov | 1 | -0/+6 | |
2020-04-28 | Add instruction to create a revoke certificate | apiraino | 1 | -0/+15 | |