aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/README.md (unfollow)
Commit message (Collapse)AuthorFilesLines
2018-07-19Expand on ssh identies usage.Ben Low1-3/+8
2018-07-18Fix key label, consistency.Ben Low1-1/+1
2018-07-18Fix TOC, spelling.Ben Low1-6/+10
2018-07-18Added information on `gpg-agent`.Ben Low1-5/+35
2018-07-15Fix "signingkey" typoJonah Aragon1-1/+1
2018-07-05Added comment on GitHub Authetication for only WindowsVadim Zendejas1-1/+1
2018-07-05Added veracrypt.fr link to pre-compiled execsVadim Zendejas1-0/+2
Added veracrypt.fr link to pre-compiled execs
2018-06-21Fix spaces for READMEMirko Pizii1-9/+9
2018-06-21Fix link of summary listMirko Pizii1-20/+20
2018-06-20Fixing signature file fetch command for ykpersWheest1-1/+1
2018-06-16Emphasize live distro to fix #45drduh1-13/+15
2018-06-16Update introduction, fix formatting and fix #46drduh1-112/+92
2018-06-13Fix up some formattingdrduh1-0/+4
2018-06-05Formatting fix.drduh1-6/+6
2018-06-05Fixed menuJonathan Holtmann1-55/+55
2018-06-05Added information on how to perform the YubiKey GPG setup and SSH ↵Jonathan Holtmann1-167/+283
authentication on Windows devices
2018-06-02Mention Pursedrduh1-4/+2
2018-04-29Note on keeping backup mounted for 2xkeys. Fix #44drduh1-2/+4
2018-04-29Remove obsolete option, add troubleshooting itemdrduh1-2/+1
2018-04-29Additional troubleshooting step and openbsd notedrduh1-1/+7
2018-03-21Remove outdated config from gpg.confMichael Brown1-2/+0
Removing configuration paramaters no longer supported in GPG 2.X Related to #28
2018-03-14add explicit public key naming for IdentitiesOnly usageJames Wu1-1/+15
2018-03-03install hopenpgp-tools as it is used in section ↵W1lkins1-1/+1
https://github.com/drduh/YubiKey-Guide\#check-your-work where an apt-get command is listed
2018-02-26Change rights of 'gpg.conf' to avoid warningMarjan Grabowski1-0/+4
2018-02-25Use gpgconf to get the ssh auth sock.Nick Sandford1-1/+1
2018-02-22remove not need keyserver certificate, see ↵Philipp Eckel1-5/+0
https://github.com/drduh/YubiKey-Guide/issues/48
2018-01-30remove outdated use-standard-socket option from SSH config, see here: ↵Philipp Eckel1-1/+0
https://www.gnupg.org/documentation/manuals/gnupg/Agent-Options.html
2018-01-16Formatting nitdrduh1-4/+1
2017-12-21Formatting fixdrduh1-1/+2
2017-12-18Update README.mdkiralex1-1/+2
2017-12-18fix ssh-agent does not work on archlinuxkiralex1-0/+5
2017-12-18Mention ssh multiplex to ease multiple connectionsdrduh1-0/+2
2017-12-18Describe status if public key not imported, fix #6drduh1-0/+2
2017-12-18Reference paper backup instructions, fix #3drduh1-2/+4
2017-12-14Document error from Debian 9drduh1-0/+2
2017-12-14Document ssh-add errordrduh1-0/+2
2017-12-12emphasize 2048 bit as the correct key size for the YubiKey NeoPhilipp Eckel1-1/+3
2017-11-10fix exporting KEYIDPhilipp Eckel1-1/+1
2017-10-10Whitespace fixes.Ben Low1-51/+51
2017-10-10Updated to gpg 2.2.1, and added some macOS references.Ben Low1-286/+243
2017-09-23Replace hkt with gpg to fix unsupported GnuPG 2.1Aleksandr Vinokurov1-1/+1
hkt does not support GnuPG 2.1 because it expects gpg pubring. But the export can be done by gpg itself.
2017-08-13Make hkt respect custom $GNUPGHOMEBrendan Rius1-1/+1
2017-05-12Add information about composite USB mode on YK with firmware >=3.3Dawid Łakomski1-0/+3
2016-09-25Use require-cross-certification option. Fix #14.drduh1-0/+1
2016-09-25Plug in YubiKey correctly. Fix #9.drduh1-1/+3
2016-09-24Use AES256 for private key password encryptionWill Sargent1-0/+2
Adds ``` s2k-cipher-algo AES256 ``` to the GPG configuration, per https://pthree.org/2015/11/19/your-gnupg-private-key/ > --s2k-cipher-algo name > Use name as the cipher algorithm used to protect secret keys. The default cipher is CAST5. This cipher is also used for symmetric encryption with a passphrase if --personal-cipher-preferences and --cipher-algo is not given. https://www.gnupg.org/documentation/manuals/gnupg-2.0/OpenPGP-Options.html#index-s2k_002dcipher_002dalgo
2016-09-23Use signing subkeyWill Sargent1-2/+2
The signature was made using `0xBECFA3C1AE191D15`, and has to be used with the signing key, not the root key. I can verify this with my own key -- using the keyid doesn't work: ``` ~  echo "$(uname -a)" | gpg --armor --clearsign --default-key 0xB1A9D5A2A605F794 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Linux Puget-153699 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 15:42:33 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJX5aWdAAoJECaAG7YBLqXZi1EP/3R4oOdkXqZXcskwzfjBXa68 oZeKxTB8i74tSPXp0SL26+ULOQ6GRJdIFod2MQtqfjeu6dyNEbIBF1pHWnyLx4Bn p/+ROoOTiBSFEWPts++yYhmo0tS0cXPv6QPCYqj4mPkJe6u8wVp5hkoyujL/k9bs cAZSbeyV/hggS0rFTN4/5AeUky4LJPrWYkAiln7D0PVQeZc6DFlDpeup1Az7hWV5 ImRglAfoacNq+0LWslnc51/4knFGC/k4RS/QAyfUNJG/yy/ZZs6FNc7FjyZkw87E yRqqSPkuL64BmzNxmfKnwgMAesaq8D674lRb7b9TC8sQuuelcbgPkCCDioRmCSWh +NIe+pwWLIXHSwQntO2FblGFL+IeDYBZy3P5nO+N12EHn2oS2psep04STq5cjRaa PTMopcDsThzXljn8b6p+Iu2BaFiMkEwpAD8f0knR4DZzorpgMjIV0mEdeDuTzC1L dPHc7uZsTSSTEgxm7JO8x1h3hfwqX+KvVhmo0SgvwexqsmH7+b6j948RPGSCGBys wS8HEQgzgznQYSxqnCHvuDT9cIuyuCi9BZfqvRy3NSa+ixKMHJ4n2rFWlw8WbvTm tKFumm2z3z9JkijzJFj4sHETebaa2ip/TxeQvhFD/jEBB1XaqneDw1UaRll+6auA K6naZ0LzZx2cOzJpn4xN =TVTZ -----END PGP SIGNATURE----- ~  ~  gpg gpg: Go ahead and type your message ... -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Linux Puget-153699 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 15:42:33 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJX5aWdAAoJECaAG7YBLqXZi1EP/3R4oOdkXqZXcskLinux Puget-153699 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 15:42:33 UTC 2016 x86_64 x86_64 x86_64 GNU/LinuxwzfjBXa68 oZeKxTB8i74tSPXp0SL26+ULOQ6GRJdIFod2MQtqfjeu6dyNEbIBF1pHWnyLx4Bn p/+ROoOTiBSFEWPts++yYhmo0tS0cXPv6QPCYqj4mPkJe6u8wVp5hkoyujL/k9bs cAZSbeyV/hggS0rFTN4/5AeUky4LJPrWYkAiln7D0PVQeZc6DFlDpeup1Az7hWV5 ImRglAfoacNq+0LWslnc51/4knFGC/k4RS/QAyfUNJG /yy/ZZs6FNc7FjyZkw87E yRqqSPkuL64BmzNxmfKnwgMAesaq8D674lRb7b9TC8sQuuelcbgPkCCDioRmCSWh +NIe+pwWLIXHSwQntO2FblGFL+IeDYBZy3P5nO+N12EHn2oS2psep04STq5cjRaa PTMopcDsThzXljn8b6p+Iu2BaFiMkEwpAD8f0knR4DZzorpgMjIV0mEdeDuTzC1L dPHc7uZsTSSTEgxm7JO8x1h3hfwqX+K vVhmo0SgvwexqsmH7+b6j948RPGSCGBys wS8HEQgzgznQYSxqnCHvuDT9cIuyuCi9BZfqvRy3NSa+ixKMHJ4n2rFWlw8WbvTm tKFumm2z3z9JkijzJFj4sHETebaa2ip/TxeQvhFD/jEBB1XaqneDw1UaRll+6auA K6naZ0LzZx2cOzJpn4xN =TVTZ -----END PGP SIGNATURE----- gpg: Signature made Fri 23 Sep 2016 02:58:53 PM PDT gpg: using RSA key 0x26801BB6012EA5D9 gpg: BAD signature from "Will Sargent <will.sargent@lightbend.com>" [ultimate] ``` but using the signing key does work: ``` ✘  ~  echo "$(uname -a)" | gpg --armor --clearsign --default-key 0x26801BB6012EA5D9 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Linux Puget-153699 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 15:42:33 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJX5aagAAoJECaAG7YBLqXZvZwP/21yoEQ3hI9hP0QyrFJu/T/0 sD9Y+DGQHBU5WaII3/iVgBN2V3EQwlzX8dP4/LfTm7NQ0M2flgbPbqf/rUYLQQZg lO489XbI78kk80b3kDebkautN5rQhkU0ZAy/WfDdKmwGnF1hEXzYqEwI5S0tGddT cKt0U3cZ0XuOI7pdtSOD423tNV4l45sIAT/ndAsgpbzT0ZTkza65V/RHWqGQDDT1 VB6WKmuqOca1gTDYGlW5yITfOqdWjB30ljLjuOjFJjcOunJQmlSRDMGyjfdzF3ec X1/+vLKnI0M2ipFaxKTtjdCTo8+26wjExdGca6Sy8v9M0zBjA2vgCGBTwCpXkMQE 4HFZ6N0+6k/3icyNALJhHSRkApNom3ZqINntDNNcN/tyHZVUijb5/hfv7W4D5LSe 8b1/UbF/R46w21sgR4Rzfv5EsbZkkjWx65hTXYWByf4PqZ7NiJJGbETpPC8wSc+4 oZNk9SLZunzE2Gemk2CXu7VXR58BIP014FHjU4FN7k54ZGn7IzU2xfKCZ+se7pFh SzWIrDhZP5vsbCMbh4HzD4WFPLteNOdV+nkHi4iaSXc7UQfdgZIeKb2ljbjJTmN4 fyi/Zjk0+29pwB+W5iWD4AoKqzSsHMCrK73KRyAHcFaHOHILl8grG0GsfJmPGHCz Mm3O7IH5is7ZkvOmbUMY =jQY+ -----END PGP SIGNATURE----- ~  gpg gpg: Go ahead and type your message ... -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Linux Puget-153699 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 15:42:33 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJX5aagAAoJECaAG7YBLqXZvZwP/21yoEQ3hI9hP0QyrFJu/T/0 sD9Y+DGQHBU5WaII3/iVgBN2V3EQwlzX8dP4/LfTm7NQ0M2flgbPbqf/rUYLQQZg lO489XbI78kk80b3kDebkautN5rQhkU0ZAy/WfDdKmwGnF1hEXzYqEwI5S0tGddT cKt0U3cZ0XuOI7pdtSOD423tNV4l45sIAT/ndAsgpbzT0ZTkza65V/RHWqGQDDT1 VB6WKmuqOca1gTDYGlW5yITfOqdWjB30ljLjuOjFJjcOunJLinux Puget-153699 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 15:42:33 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux QmlSRDMGyjfdzF3ec X1/+vLKnI0M2ipFaxKTtjdCTo8+26wjExdGca6Sy8v9M0zBjA2vgCGBTwCpXkMQE 4HFZ6N0+6k/3icyNALJhHSRkApNom3ZqINntDNNcN/tyHZVUijb5/hfv7W4D5LSe 8b1/UbF/R46w21sgR4Rzfv5EsbZkkjWx65hTXYWByf4PqZ7NiJJGbETpPC8wSc+4 oZNk9SLZunzE2Gemk2CXu7VXR58BIP014FHjU4FN7k54ZGn7IzU2xfKCZ+se7pFh SzWIrDhZP5vsbCMbh4HzD4WFPLteNOdV+nkHi4iaSXc7UQfdgZIeKb2ljbjJTmN4 fyi/Zjk0+29pwB+W5iWD4AoKqzSsHMCrK73KRyAHcFaHOHILl8grG0GsfJmPGHCz Mm3O7IH5is7ZkvOmbUMY =jQY+ -----END PGP SIGNATURE----- gpg: Signature made Fri 23 Sep 2016 03:03:12 PM PDT gpg: using RSA key 0x26801BB6012EA5D9 gpg: Good signature from "Will Sargent <will.sargent@lightbend.com>" [ultimate] gpg: aka "Will Sargent <will.sargent@gmail.com>" [ultimate] Primary key fingerprint: 75E4 E7F9 1D18 D981 3028 64B1 B1A9 D5A2 A605 F794 Subkey fingerprint: ADB3 1ED0 EC01 44AF 8301 320D 2680 1BB6 012E A5D9 ```
2016-09-22Add $Will Sargent1-1/+1
2016-09-21Add instructions for installing gnupg-curlWill Sargent1-0/+6
Fixes https://github.com/drduh/YubiKey-Guide/issues/5
2016-09-20Prepend $Will Sargent1-2/+2