aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/README.md (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Change Debian ISO url to be generated from the contents of SHA512SUM.Anthony Muller2020-09-251-2/+2
| | | | | This removes the need to maintain the version number, which is currently out of date.
* Merge branch 'master' of https://github.com/Amolith/YubiKey-Guide into ↵drduh2020-08-301-3/+35
|\ | | | | | | Amolith-master
| * change defaults and add info to #Require touchAmolith2020-08-261-3/+35
| | | | | | | | | | | | | | | | | | | | | | | | | | As mentioned in #197, the previous behaviour would require users to touch their key any time an authentication, signing, or encryption operation was performed. In some situations, this behaviour would be undesirable and the only way to revert it would be fully resetting the key and starting from scratch. Rather than using `fixed`, this commit simply turns the feature `on` so the user can change it later if they wish. Additionally, a note about the other policies was included so users can decide for themselves which fits their situation better.
* | Add option to retrieve additionaly entropy from YubiKey itselfMirko Vogt2020-08-291-0/+13
|/
* Merge pull request #203 from bengim/bengim-patch-PyOpenSSLdrduh2020-08-221-0/+2
|\ | | | | fixing wrong cryptography version
| * Update README.mdbengim2020-08-221-0/+2
| | | | | | fixing wrong cryptography version by explicitly installing PyOpenSSL
* | Correct spellingStefano Figura2020-08-141-3/+3
| |
* | Update wording Stefano Figura2020-08-141-1/+3
| | | | | | Ensure that is clear that we do not need to modify keys or even plug the yubikey
* | Update notation sectionStefano Figura2020-08-131-1/+1
| |
* | Add notations sectionStefano Figura2020-08-131-0/+25
|/
* Fix usage inconsistencyb1f6c1c42020-08-111-5/+5
| | | | | Master key shall only be used to certify other keys. The usage indicator in README.md is inconsistently shown as SC and C.
* Set touch policy to fixed.Kenny MacDermid2020-05-271-3/+3
| | | | | | | | | Setting the touch policy to `on` does not prevent the policy from later being turned off again. Setting it to `fixed` is more secure because it can not be turned off. If someone wants to disable the touch policy they can always restore the keys from the backups created in the guide.
* Add information on potential PIN issues and how to debug themSebastian Schmieschek2020-05-271-2/+5
| | | | | | | | | | I missed the error message when attempting to set a PIN of only 5 characters due to the UI repeating the options below it. Pinentry happily stores the bogus PIN and even counts down the retry counter when entering the correct (default) one. This can be resolved by unblocking the PIN. Once I ran the gpg-agent with debug output (a tip found in the added link), the issue was obvious.
* Stack rank secure environment and add a few tipsdrduh2020-05-251-19/+42
|
* Merge pull request #185 from vald-phoenix/fix-borken-anchordrduh2020-05-241-5/+5
|\ | | | | Fix broken anchor
| * Fix broken anchorVladyslav Krylasov2020-05-041-5/+5
| | | | | | | | There are two anchors with the same name and this breaks navigation.
* | Fix order of revocation command.Max Mäusezahl2020-05-241-1/+1
| | | | | | | | | | | | | | | | | | | | According to 'man gpg' the order of arguments should be gpg [--homedir name] [--options file] [options] command [args] In this case '--gen-revoke' is the command, '$KEYID' is an argument and '--output $GNUPGHOME/revoke.asc' is an option. Previously this was incorrect (option came first) and would spawn an error.
* | Include --expert when editing master keyMike Mazur2020-05-171-1/+1
|/ | | | This is specifically during setup when rotating keys.
* Clarified wordingJason Stelzer2020-05-041-1/+1
|
* GPG keys on multiple computersJason Stelzer2020-05-041-0/+1
| | | | I feel like this took me longer to figure out than it should have.
* Address throw-keyids issue with mailvelope to fix #178drduh2020-05-031-14/+18
|
* Split export pubkey from backup to fix #175drduh2020-05-031-86/+95
|
* Disambiguate backup volume label to fix #176.drduh2020-05-031-77/+127
|
* Merge pull request #180 from vald-phoenix/yubikey-reset-by-ykmandrduh2020-05-031-0/+6
|\ | | | | Describe ykman PGP keys reset
| * Describe ykman PGP keys resetVladyslav Krylasov2020-04-281-0/+6
| |
* | Merge pull request #179 from vald-phoenix/multiple-yubikeysdrduh2020-05-031-28/+15
|\ \ | | | | | | Describe card serial number error
| * | Describe card serial number errorVladyslav Krylasov2020-04-291-28/+15
| |/
* | Merge pull request #177 from apiraino/revoke-certdrduh2020-05-031-0/+15
|\ \ | | | | | | Add instructions to create a revoke certificate
| * | Add instruction to create a revoke certificateapiraino2020-04-281-0/+15
| |/
* | Merge pull request #170 from murphy83/Abort-Trickdrduh2020-05-031-0/+15
|\ \ | |/ |/| Added some additonal text describing alternatives that may be used
| * Added some additonal text describing alternatives that may be usedMurphy Laptop2020-03-021-0/+15
| |
* | Add steps for renewing (not rotating) sub-keysDaniel Sockwell2020-03-241-1/+102
|/ | | | | | | | | | | | | As discussed in issue #164, the current section on Rotating Keys presents two alternatives: replacing the existing keys with a newly generated key or extending the validity of existing keys by changing their expiration. However, it only provides instructions for the first approach. This commit adds instructions for renewing sub-keys. I am far from an expert, and am submitting this change mostly in hopes that it will provide documentation for the next time I need to renew my sub-keys. I would welcome any changes or clarifications others would care to offer.
* Bump Debian version, license yeardrduh2020-02-121-8/+32
|
* Merge pull request #160 from rvl/nixosdrduh2020-01-221-0/+51
|\ | | | | Add instructions for NixOS
| * Add instructions for NixOSRodney Lorrimar2020-01-221-0/+51
| | | | | | | | I just tested these steps on a spare laptop.
* | Merge pull request #159 from rvl/multiple-yubikeysdrduh2020-01-221-0/+16
|\ \ | | | | | | Add more detail about what to do with multiple YubiKeys
| * | Add more detail about what to do with multiple YubiKeysRodney Lorrimar2020-01-221-0/+16
| |/
* / Add information about setting the primary user IDRodney Lorrimar2020-01-221-0/+30
|/
* Fix gnupg package name for ArchAndrea Scarpino2020-01-211-1/+1
| | | `gnupg2` has been [removed since March 2012](https://lists.archlinux.org/pipermail/arch-dev-public/2012-March/022690.html)
* fix broken linkswsyxbcl2020-01-121-4/+4
|
* Update GitHub instructions on WindowsMark Fayngersh2020-01-071-1/+2
| | | Add command to instruct Git to use WinGPG
* Formatting cleanupdrduh2019-12-301-23/+19
|
* Use larger partition sizes to fix #149.drduh2019-12-301-21/+22
|
* Fix typo in table of contents linkgusttt2019-12-161-1/+1
|
* Document issue #145 and fix #142drduh2019-12-141-12/+10
|
* Fix url formattingdrduh2019-11-191-1/+1
|
* Update Debian version and fix #137drduh2019-11-191-62/+66
|
* Mention yubikey-touch-detectorMaxim Baz2019-11-171-1/+1
|
* Added a fix for failing ssh / GUI pinentryEmile 'iMil' Heitor2019-11-131-1/+1
|
* Add --keyserver flag pointing to Debian keyserverKiel C2019-11-071-1/+1
| | | Fixes #131
generated by cgit, for Dennis Eriksen