aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/README.md (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Add notations sectionStefano Figura2020-08-131-0/+25
|
* Fix usage inconsistencyb1f6c1c42020-08-111-5/+5
| | | | | Master key shall only be used to certify other keys. The usage indicator in README.md is inconsistently shown as SC and C.
* Set touch policy to fixed.Kenny MacDermid2020-05-271-3/+3
| | | | | | | | | Setting the touch policy to `on` does not prevent the policy from later being turned off again. Setting it to `fixed` is more secure because it can not be turned off. If someone wants to disable the touch policy they can always restore the keys from the backups created in the guide.
* Add information on potential PIN issues and how to debug themSebastian Schmieschek2020-05-271-2/+5
| | | | | | | | | | I missed the error message when attempting to set a PIN of only 5 characters due to the UI repeating the options below it. Pinentry happily stores the bogus PIN and even counts down the retry counter when entering the correct (default) one. This can be resolved by unblocking the PIN. Once I ran the gpg-agent with debug output (a tip found in the added link), the issue was obvious.
* Stack rank secure environment and add a few tipsdrduh2020-05-251-19/+42
|
* Merge pull request #185 from vald-phoenix/fix-borken-anchordrduh2020-05-241-5/+5
|\ | | | | Fix broken anchor
| * Fix broken anchorVladyslav Krylasov2020-05-041-5/+5
| | | | | | | | There are two anchors with the same name and this breaks navigation.
* | Fix order of revocation command.Max Mäusezahl2020-05-241-1/+1
| | | | | | | | | | | | | | | | | | | | According to 'man gpg' the order of arguments should be gpg [--homedir name] [--options file] [options] command [args] In this case '--gen-revoke' is the command, '$KEYID' is an argument and '--output $GNUPGHOME/revoke.asc' is an option. Previously this was incorrect (option came first) and would spawn an error.
* | Include --expert when editing master keyMike Mazur2020-05-171-1/+1
|/ | | | This is specifically during setup when rotating keys.
* Clarified wordingJason Stelzer2020-05-041-1/+1
|
* GPG keys on multiple computersJason Stelzer2020-05-041-0/+1
| | | | I feel like this took me longer to figure out than it should have.
* Address throw-keyids issue with mailvelope to fix #178drduh2020-05-031-14/+18
|
* Split export pubkey from backup to fix #175drduh2020-05-031-86/+95
|
* Disambiguate backup volume label to fix #176.drduh2020-05-031-77/+127
|
* Merge pull request #180 from vald-phoenix/yubikey-reset-by-ykmandrduh2020-05-031-0/+6
|\ | | | | Describe ykman PGP keys reset
| * Describe ykman PGP keys resetVladyslav Krylasov2020-04-281-0/+6
| |
* | Merge pull request #179 from vald-phoenix/multiple-yubikeysdrduh2020-05-031-28/+15
|\ \ | | | | | | Describe card serial number error
| * | Describe card serial number errorVladyslav Krylasov2020-04-291-28/+15
| |/
* | Merge pull request #177 from apiraino/revoke-certdrduh2020-05-031-0/+15
|\ \ | | | | | | Add instructions to create a revoke certificate
| * | Add instruction to create a revoke certificateapiraino2020-04-281-0/+15
| |/
* | Merge pull request #170 from murphy83/Abort-Trickdrduh2020-05-031-0/+15
|\ \ | |/ |/| Added some additonal text describing alternatives that may be used
| * Added some additonal text describing alternatives that may be usedMurphy Laptop2020-03-021-0/+15
| |
* | Add steps for renewing (not rotating) sub-keysDaniel Sockwell2020-03-241-1/+102
|/ | | | | | | | | | | | | As discussed in issue #164, the current section on Rotating Keys presents two alternatives: replacing the existing keys with a newly generated key or extending the validity of existing keys by changing their expiration. However, it only provides instructions for the first approach. This commit adds instructions for renewing sub-keys. I am far from an expert, and am submitting this change mostly in hopes that it will provide documentation for the next time I need to renew my sub-keys. I would welcome any changes or clarifications others would care to offer.
* Bump Debian version, license yeardrduh2020-02-121-8/+32
|
* Merge pull request #160 from rvl/nixosdrduh2020-01-221-0/+51
|\ | | | | Add instructions for NixOS
| * Add instructions for NixOSRodney Lorrimar2020-01-221-0/+51
| | | | | | | | I just tested these steps on a spare laptop.
* | Merge pull request #159 from rvl/multiple-yubikeysdrduh2020-01-221-0/+16
|\ \ | | | | | | Add more detail about what to do with multiple YubiKeys
| * | Add more detail about what to do with multiple YubiKeysRodney Lorrimar2020-01-221-0/+16
| |/
* / Add information about setting the primary user IDRodney Lorrimar2020-01-221-0/+30
|/
* Fix gnupg package name for ArchAndrea Scarpino2020-01-211-1/+1
| | | `gnupg2` has been [removed since March 2012](https://lists.archlinux.org/pipermail/arch-dev-public/2012-March/022690.html)
* fix broken linkswsyxbcl2020-01-121-4/+4
|
* Update GitHub instructions on WindowsMark Fayngersh2020-01-071-1/+2
| | | Add command to instruct Git to use WinGPG
* Formatting cleanupdrduh2019-12-301-23/+19
|
* Use larger partition sizes to fix #149.drduh2019-12-301-21/+22
|
* Fix typo in table of contents linkgusttt2019-12-161-1/+1
|
* Document issue #145 and fix #142drduh2019-12-141-12/+10
|
* Fix url formattingdrduh2019-11-191-1/+1
|
* Update Debian version and fix #137drduh2019-11-191-62/+66
|
* Mention yubikey-touch-detectorMaxim Baz2019-11-171-1/+1
|
* Added a fix for failing ssh / GUI pinentryEmile 'iMil' Heitor2019-11-131-1/+1
|
* Add --keyserver flag pointing to Debian keyserverKiel C2019-11-071-1/+1
| | | Fixes #131
* Added important note about pin caching #135Sun Knudsen2019-10-191-0/+2
|
* More lines with old debian version correctedJakub Skory2019-10-091-4/+4
|
* New Debian version: 10.1.0Jakub Skory2019-10-091-1/+1
| | | Before curl returned http/404
* Update VM optionGary Johnson2019-09-271-5/+7
|
* Update README.mdGary Johnson2019-09-241-1/+1
| | | Added primary source stating confirming that devices are read only in all but a few circumstances and that Keys ("secrets") cannot be read after being written to the device
* Merge pull request #126 from vorburger/patch-2drduh2019-09-181-2/+5
|\ | | | | clarify that SSH_AUTH_SOCK should only be set locally, not on the remote server
| * put additional information into single lineMichael Vorburger ⛑️2019-09-171-3/+1
| |
| * clarify that SSH_AUTH_SOCK should only be set locally, not on the remote serverMichael Vorburger ⛑️2019-09-161-2/+7
| |
* | Merge pull request #128 from vorburger/patch-4drduh2019-09-171-1/+4
|\ \ | | | | | | add 'sshd -eddd' Troubleshooting tip
generated by cgit, for Dennis Eriksen