aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/README.md (follow)
Commit message (Collapse)AuthorAgeFilesLines
* add explicit public key naming for IdentitiesOnly usageJames Wu2018-03-141-1/+15
|
* install hopenpgp-tools as it is used in section ↵W1lkins2018-03-031-1/+1
| | | | https://github.com/drduh/YubiKey-Guide\#check-your-work where an apt-get command is listed
* Change rights of 'gpg.conf' to avoid warningMarjan Grabowski2018-02-261-0/+4
|
* Use gpgconf to get the ssh auth sock.Nick Sandford2018-02-251-1/+1
|
* remove not need keyserver certificate, see ↵Philipp Eckel2018-02-221-5/+0
| | | | https://github.com/drduh/YubiKey-Guide/issues/48
* remove outdated use-standard-socket option from SSH config, see here: ↵Philipp Eckel2018-01-301-1/+0
| | | | https://www.gnupg.org/documentation/manuals/gnupg/Agent-Options.html
* Formatting nitdrduh2018-01-161-4/+1
|
* Formatting fixdrduh2017-12-211-1/+2
|
* Update README.mdkiralex2017-12-181-1/+2
|
* fix ssh-agent does not work on archlinuxkiralex2017-12-181-0/+5
|
* Mention ssh multiplex to ease multiple connectionsdrduh2017-12-181-0/+2
|
* Describe status if public key not imported, fix #6drduh2017-12-181-0/+2
|
* Reference paper backup instructions, fix #3drduh2017-12-181-2/+4
|
* Document error from Debian 9drduh2017-12-141-0/+2
|
* Document ssh-add errordrduh2017-12-141-0/+2
|
* emphasize 2048 bit as the correct key size for the YubiKey NeoPhilipp Eckel2017-12-121-1/+3
|
* fix exporting KEYIDPhilipp Eckel2017-11-101-1/+1
|
* Whitespace fixes.Ben Low2017-10-101-51/+51
|
* Updated to gpg 2.2.1, and added some macOS references.Ben Low2017-10-101-286/+243
|
* Replace hkt with gpg to fix unsupported GnuPG 2.1Aleksandr Vinokurov2017-09-231-1/+1
| | | | | | hkt does not support GnuPG 2.1 because it expects gpg pubring. But the export can be done by gpg itself.
* Make hkt respect custom $GNUPGHOMEBrendan Rius2017-08-131-1/+1
|
* Add information about composite USB mode on YK with firmware >=3.3Dawid Łakomski2017-05-121-0/+3
|
* Use require-cross-certification option. Fix #14.drduh2016-09-251-0/+1
|
* Plug in YubiKey correctly. Fix #9.drduh2016-09-251-1/+3
|
* Merge pull request #24 from wsargent/patch-3drduh2016-09-251-0/+2
|\ | | | | Use AES256 for private key password encryption
| * Use AES256 for private key password encryptionWill Sargent2016-09-241-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds ``` s2k-cipher-algo AES256 ``` to the GPG configuration, per https://pthree.org/2015/11/19/your-gnupg-private-key/ > --s2k-cipher-algo name > Use name as the cipher algorithm used to protect secret keys. The default cipher is CAST5. This cipher is also used for symmetric encryption with a passphrase if --personal-cipher-preferences and --cipher-algo is not given. https://www.gnupg.org/documentation/manuals/gnupg-2.0/OpenPGP-Options.html#index-s2k_002dcipher_002dalgo
* | Use signing subkeyWill Sargent2016-09-231-2/+2
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The signature was made using `0xBECFA3C1AE191D15`, and has to be used with the signing key, not the root key. I can verify this with my own key -- using the keyid doesn't work: ``` ~  echo "$(uname -a)" | gpg --armor --clearsign --default-key 0xB1A9D5A2A605F794 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Linux Puget-153699 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 15:42:33 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJX5aWdAAoJECaAG7YBLqXZi1EP/3R4oOdkXqZXcskwzfjBXa68 oZeKxTB8i74tSPXp0SL26+ULOQ6GRJdIFod2MQtqfjeu6dyNEbIBF1pHWnyLx4Bn p/+ROoOTiBSFEWPts++yYhmo0tS0cXPv6QPCYqj4mPkJe6u8wVp5hkoyujL/k9bs cAZSbeyV/hggS0rFTN4/5AeUky4LJPrWYkAiln7D0PVQeZc6DFlDpeup1Az7hWV5 ImRglAfoacNq+0LWslnc51/4knFGC/k4RS/QAyfUNJG/yy/ZZs6FNc7FjyZkw87E yRqqSPkuL64BmzNxmfKnwgMAesaq8D674lRb7b9TC8sQuuelcbgPkCCDioRmCSWh +NIe+pwWLIXHSwQntO2FblGFL+IeDYBZy3P5nO+N12EHn2oS2psep04STq5cjRaa PTMopcDsThzXljn8b6p+Iu2BaFiMkEwpAD8f0knR4DZzorpgMjIV0mEdeDuTzC1L dPHc7uZsTSSTEgxm7JO8x1h3hfwqX+KvVhmo0SgvwexqsmH7+b6j948RPGSCGBys wS8HEQgzgznQYSxqnCHvuDT9cIuyuCi9BZfqvRy3NSa+ixKMHJ4n2rFWlw8WbvTm tKFumm2z3z9JkijzJFj4sHETebaa2ip/TxeQvhFD/jEBB1XaqneDw1UaRll+6auA K6naZ0LzZx2cOzJpn4xN =TVTZ -----END PGP SIGNATURE----- ~  ~  gpg gpg: Go ahead and type your message ... -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Linux Puget-153699 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 15:42:33 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJX5aWdAAoJECaAG7YBLqXZi1EP/3R4oOdkXqZXcskLinux Puget-153699 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 15:42:33 UTC 2016 x86_64 x86_64 x86_64 GNU/LinuxwzfjBXa68 oZeKxTB8i74tSPXp0SL26+ULOQ6GRJdIFod2MQtqfjeu6dyNEbIBF1pHWnyLx4Bn p/+ROoOTiBSFEWPts++yYhmo0tS0cXPv6QPCYqj4mPkJe6u8wVp5hkoyujL/k9bs cAZSbeyV/hggS0rFTN4/5AeUky4LJPrWYkAiln7D0PVQeZc6DFlDpeup1Az7hWV5 ImRglAfoacNq+0LWslnc51/4knFGC/k4RS/QAyfUNJG /yy/ZZs6FNc7FjyZkw87E yRqqSPkuL64BmzNxmfKnwgMAesaq8D674lRb7b9TC8sQuuelcbgPkCCDioRmCSWh +NIe+pwWLIXHSwQntO2FblGFL+IeDYBZy3P5nO+N12EHn2oS2psep04STq5cjRaa PTMopcDsThzXljn8b6p+Iu2BaFiMkEwpAD8f0knR4DZzorpgMjIV0mEdeDuTzC1L dPHc7uZsTSSTEgxm7JO8x1h3hfwqX+K vVhmo0SgvwexqsmH7+b6j948RPGSCGBys wS8HEQgzgznQYSxqnCHvuDT9cIuyuCi9BZfqvRy3NSa+ixKMHJ4n2rFWlw8WbvTm tKFumm2z3z9JkijzJFj4sHETebaa2ip/TxeQvhFD/jEBB1XaqneDw1UaRll+6auA K6naZ0LzZx2cOzJpn4xN =TVTZ -----END PGP SIGNATURE----- gpg: Signature made Fri 23 Sep 2016 02:58:53 PM PDT gpg: using RSA key 0x26801BB6012EA5D9 gpg: BAD signature from "Will Sargent <will.sargent@lightbend.com>" [ultimate] ``` but using the signing key does work: ``` ✘  ~  echo "$(uname -a)" | gpg --armor --clearsign --default-key 0x26801BB6012EA5D9 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Linux Puget-153699 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 15:42:33 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJX5aagAAoJECaAG7YBLqXZvZwP/21yoEQ3hI9hP0QyrFJu/T/0 sD9Y+DGQHBU5WaII3/iVgBN2V3EQwlzX8dP4/LfTm7NQ0M2flgbPbqf/rUYLQQZg lO489XbI78kk80b3kDebkautN5rQhkU0ZAy/WfDdKmwGnF1hEXzYqEwI5S0tGddT cKt0U3cZ0XuOI7pdtSOD423tNV4l45sIAT/ndAsgpbzT0ZTkza65V/RHWqGQDDT1 VB6WKmuqOca1gTDYGlW5yITfOqdWjB30ljLjuOjFJjcOunJQmlSRDMGyjfdzF3ec X1/+vLKnI0M2ipFaxKTtjdCTo8+26wjExdGca6Sy8v9M0zBjA2vgCGBTwCpXkMQE 4HFZ6N0+6k/3icyNALJhHSRkApNom3ZqINntDNNcN/tyHZVUijb5/hfv7W4D5LSe 8b1/UbF/R46w21sgR4Rzfv5EsbZkkjWx65hTXYWByf4PqZ7NiJJGbETpPC8wSc+4 oZNk9SLZunzE2Gemk2CXu7VXR58BIP014FHjU4FN7k54ZGn7IzU2xfKCZ+se7pFh SzWIrDhZP5vsbCMbh4HzD4WFPLteNOdV+nkHi4iaSXc7UQfdgZIeKb2ljbjJTmN4 fyi/Zjk0+29pwB+W5iWD4AoKqzSsHMCrK73KRyAHcFaHOHILl8grG0GsfJmPGHCz Mm3O7IH5is7ZkvOmbUMY =jQY+ -----END PGP SIGNATURE----- ~  gpg gpg: Go ahead and type your message ... -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Linux Puget-153699 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 15:42:33 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJX5aagAAoJECaAG7YBLqXZvZwP/21yoEQ3hI9hP0QyrFJu/T/0 sD9Y+DGQHBU5WaII3/iVgBN2V3EQwlzX8dP4/LfTm7NQ0M2flgbPbqf/rUYLQQZg lO489XbI78kk80b3kDebkautN5rQhkU0ZAy/WfDdKmwGnF1hEXzYqEwI5S0tGddT cKt0U3cZ0XuOI7pdtSOD423tNV4l45sIAT/ndAsgpbzT0ZTkza65V/RHWqGQDDT1 VB6WKmuqOca1gTDYGlW5yITfOqdWjB30ljLjuOjFJjcOunJLinux Puget-153699 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 15:42:33 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux QmlSRDMGyjfdzF3ec X1/+vLKnI0M2ipFaxKTtjdCTo8+26wjExdGca6Sy8v9M0zBjA2vgCGBTwCpXkMQE 4HFZ6N0+6k/3icyNALJhHSRkApNom3ZqINntDNNcN/tyHZVUijb5/hfv7W4D5LSe 8b1/UbF/R46w21sgR4Rzfv5EsbZkkjWx65hTXYWByf4PqZ7NiJJGbETpPC8wSc+4 oZNk9SLZunzE2Gemk2CXu7VXR58BIP014FHjU4FN7k54ZGn7IzU2xfKCZ+se7pFh SzWIrDhZP5vsbCMbh4HzD4WFPLteNOdV+nkHi4iaSXc7UQfdgZIeKb2ljbjJTmN4 fyi/Zjk0+29pwB+W5iWD4AoKqzSsHMCrK73KRyAHcFaHOHILl8grG0GsfJmPGHCz Mm3O7IH5is7ZkvOmbUMY =jQY+ -----END PGP SIGNATURE----- gpg: Signature made Fri 23 Sep 2016 03:03:12 PM PDT gpg: using RSA key 0x26801BB6012EA5D9 gpg: Good signature from "Will Sargent <will.sargent@lightbend.com>" [ultimate] gpg: aka "Will Sargent <will.sargent@gmail.com>" [ultimate] Primary key fingerprint: 75E4 E7F9 1D18 D981 3028 64B1 B1A9 D5A2 A605 F794 Subkey fingerprint: ADB3 1ED0 EC01 44AF 8301 320D 2680 1BB6 012E A5D9 ```
* Add $Will Sargent2016-09-221-1/+1
|
* Add instructions for installing gnupg-curlWill Sargent2016-09-211-0/+6
| | | Fixes https://github.com/drduh/YubiKey-Guide/issues/5
* Prepend $Will Sargent2016-09-201-2/+2
|
* Add key checkingWill Sargent2016-09-201-0/+11
|
* Add an extra error conditionWill Sargent2016-09-201-0/+2
|
* Discuss pinentry-gnome3Will Sargent2016-09-161-0/+2
|
* Adds explanation of ssh-add -L optionWill Sargent2016-09-161-1/+1
|
* Change linkWill Sargent2016-09-161-1/+1
| | | https://rnorth.org/8/gpg-and-ssh-with-yubikey-for-mac is https://rnorth.org/gpg-and-ssh-with-yubikey-for-mac now.
* Followed my own guide to make new keys; refreshdrduh2016-05-251-251/+507
|
* Merge pull request #1 from victorso/patch-1drduh2016-05-181-0/+4
|\ | | | | yubikey tails fix
| * yubikey tails fixVictor Fischer Scattone2016-05-181-0/+4
| | | | | | Fix to use the yubikey on Tails
* | Export public key to fileVictor Fischer Scattone2016-05-181-1/+1
|/ | | The public key must be written on a file.
* Use variable to store Key IDdrduh2016-05-091-10/+15
|
* Add encrypted USB backup instructions, grammar fixesdrduh2016-04-251-23/+110
|
* Use IO rediction for revocation certificate stepdrduh2016-02-251-1/+1
|
* Fix up formatting.drduh2016-02-011-7/+4
|
* Create local configuration, toodrduh2016-02-011-4/+27
|
* Create README.mddrduh2016-01-311-0/+897