pgp-yubikey.html (3750B)
1 <div class="sourceCode" id="cb1"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb1-1"><a href="#cb1-1" aria-hidden="true" tabindex="-1"></a><span class="ex">gpg</span> <span class="at">--expert</span> <span class="at">--full-gen-key</span></span></code></pre></div> 2 <ul> 3 <li>Enter <code>RSA</code></li> 4 <li>Enter <code>4096</code></li> 5 <li>Enter expiration date</li> 6 <li>Enter user information and email</li> 7 <li>Enter random input (mouse, keyboard) to gain entropy</li> 8 </ul> 9 <p>Output:</p> 10 <pre><code>gpg: key <keyID> marked as ultimately trusted</code></pre> 11 <h2 id="add-authentication-key-if-not-default">Add authentication key 12 (if not default)</h2> 13 <div class="sourceCode" id="cb3"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb3-1"><a href="#cb3-1" aria-hidden="true" tabindex="-1"></a><span class="ex">gpg</span> <span class="at">--expert</span> <span class="at">--edit-key</span> <span class="op"><</span>keyID<span class="op">></span></span></code></pre></div> 14 <div class="sourceCode" id="cb4"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb4-1"><a href="#cb4-1" aria-hidden="true" tabindex="-1"></a><span class="ex">addkey</span></span></code></pre></div> 15 <ul> 16 <li>Enter the <code>passphrase</code></li> 17 <li>Enter <code>8</code> for RSA</li> 18 <li>Enter <code>S</code> for disabling “sign”</li> 19 <li>Enter <code>E</code> for disabling “encrypt”</li> 20 <li>Enter <code>A</code> for enabling “authentication”</li> 21 <li>Enter <code>Q</code> for leaving dialoge</li> 22 <li>Enter key size</li> 23 <li>Enter same expiration date as before</li> 24 <li>Enter <code>Y</code> to safe the changes</li> 25 </ul> 26 <h2 id="back-pgp-key-up">Back pgp-Key up</h2> 27 <div class="sourceCode" id="cb5"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb5-1"><a href="#cb5-1" aria-hidden="true" tabindex="-1"></a><span class="ex">gpg</span> <span class="at">--export-secret-key</span> <span class="at">--armor</span> <span class="op"><</span>KeyID<span class="op">></span></span></code></pre></div> 28 <ul> 29 <li>Store output safe</li> 30 </ul> 31 <h2 id="add-pgp-keys-to-the-yubikey">Add pgp-keys to the YubiKey</h2> 32 <ul> 33 <li>Insert YubiKey into a USB port</li> 34 </ul> 35 <div class="sourceCode" id="cb6"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb6-1"><a href="#cb6-1" aria-hidden="true" tabindex="-1"></a><span class="ex">gpg</span> <span class="at">--edit-key</span> <span class="op"><</span>KeyID<span class="op">></span></span></code></pre></div> 36 <div class="sourceCode" id="cb7"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb7-1"><a href="#cb7-1" aria-hidden="true" tabindex="-1"></a><span class="ex">keytocard</span></span></code></pre></div> 37 <ul> 38 <li>Signature subkey: 39 <ul> 40 <li>Enter <code>keytocard</code></li> 41 <li>Enter <code>Y</code> to continue</li> 42 <li>Enter <code>1</code> to move the signature subkey to a slot in the 43 yubikey</li> 44 <li>Enter <code>key 1</code></li> 45 </ul></li> 46 <li>Encryption subkey: 47 <ul> 48 <li>Enter <code>keytocard</code></li> 49 <li>Enter <code>Y</code> to continue</li> 50 <li>Enter <code>2</code> to move the encryption subkey to a slot in the 51 yubikey</li> 52 <li>Enter <code>key 1</code></li> 53 <li>Enter <code>key 2</code></li> 54 </ul></li> 55 <li>Authentication subkey 56 <ul> 57 <li>Enter <code>keytocard</code></li> 58 <li>Enter <code>3</code> to move the authentication subkey to a slot in 59 the yubikey</li> 60 </ul></li> 61 <li>Enter <code>quit</code> to leave</li> 62 </ul> 63 <p>When asked <strong>do not safe</strong> your changes enabling you to 64 copy the key to another Yubikey.</p> 65 <hr /> 66 <p><a 67 href="https://support.yubico.com/hc/en-us/articles/360013790259-Using-Your-YubiKey-with-OpenPGP">article 68 by yubikey</a></p>