| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| | |
Clarified PIN config
|
| | |
|
| |
| |
| |
| |
| | |
- define each pin name, default, usage
- call out special admin pin restrictions
|
|\ \
| | |
| | | |
switching between Yubikeys
|
| |/
| |
| | |
section describes the issue and the remedy for GPG stubs only pointing to the Yubikey that was last subject to the keytocard command
|
|\ \
| | |
| | | |
added mention of ssh key support for blue security keys
|
| |/
| |
| |
| |
| | |
As detailed in their recent press release and blog post
https://www.yubico.com/blog/github-now-supports-ssh-security-keys/
|
|/
|
|
| |
````nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-graphical-kde.nix```` no longer exists.
Update to ````nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-graphical-plasma5.nix````
|
|\
| |
| | |
Add note about pass insert error and `trust-key` usage
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When using a previously provisioned YubiKey on a new computer,
I was met with an "Unusable public key" error when trying to insert
a new password, despite being able to decrypt pass entries.
I tried setting the trust on the key via `gpg --edit-key`, but was
then met with "Need secret key to do this."
I found that the solution is apparently to use the `trust-key`
directive in `~/.gnupg/gpg.conf`, which is not mentioned in the README
at the moment.
|
|\ \
| | |
| | | |
Update usage of ykman
|
| | |
| | |
| | |
| | |
| | |
| | | |
Fixes the following warning:
WARNING: The use of this command is deprecated and will be removed!
Replace with: ykman openpgp keys set-touch
|
|\ \ \
| | | |
| | | | |
[security] Adds warning about PUK being default
|
| | |/
| |/| |
|
|\ \ \
| | | |
| | | | |
Adds instructions on changing the PUK
|
| |/ / |
|
| |/
|/| |
|
|\ \
| | |
| | | |
Fix: "quit" to save -> "save" to save
|
| | | |
|
|\ \ \
| | | |
| | | | |
Add SSH setup for macOS GUI applications
|
| |/ /
| | |
| | |
| | |
| | |
| | | |
On macOS, a LaunchAgent needs to be created to overwrite the system's SSH agent.
see https://github.com/drduh/YubiKey-Guide/issues/229
|
| | | |
|
| | |
| | |
| | | |
changed wording according to yubischiess' comment
|
| | |
| | |
| | | |
proposed change according to Issue#215
|
|/ / |
|
|\ \
| | |
| | | |
Add New Agent Forward Method and Clarify Two Methods
|
| | | |
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | | |
This is a mix of two forwarding method,
this commit separates them
|
| | |
| | |
| | |
| | | |
Different methods have different requirements
|
| | | |
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
GPG Agent forwarding has a broader usage, not only
limited to ssh-agent forwarding.
In this commit gpg-agent forwarding is raised as a
separate section as it can not be contained by #SSH
any longer.
More details are added for gpg-agent forwarding, including
some important notes taken from practice and analysis.
For ssh-agent forward, older method are contained, and new
method will be included as framework has been structured.
|
| | |
|
| | |
|
|/ |
|
|\
| |
| | |
Add PowerShell command to get YubiKey name
|
| |
| |
| | |
As gpg-agent.conf didn't exist on my system
|
| | |
|
|\ \
| | |
| | | |
Fix links with parentheses
|
| |/ |
|
|\ \
| | |
| | | |
unset GNUPGHOME variable
|
| |/
| |
| |
| |
| | |
if not done, in the next step you get error:
gpg: keyblock resource '/home/..../gnupg-workspace/pubring.kbx': No such file or directory
gpg: no writable keyring found: Not found
|
|\ \
| | |
| | | |
Changes command to download Debian ISO to use the value in the SHA512SUMS file
|
| | | |
|
| |/
| |
| |
| |
| | |
This removes the need to maintain the version number, which is currently
out of date.
|
| |
| |
| | |
gpg-connect-agent uses `-r/--run` not `-R`
|
|\| |
|
| |\
| | |
| | |
| | | |
Amolith-master
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
As mentioned in #197, the previous behaviour would require users to
touch their key any time an authentication, signing, or encryption
operation was performed. In some situations, this behaviour would be
undesirable and the only way to revert it would be fully resetting the
key and starting from scratch. Rather than using `fixed`, this commit
simply turns the feature `on` so the user can change it later if they
wish.
Additionally, a note about the other policies was included so users can
decide for themselves which fits their situation better.
|