Sunday, November 19, 2017

Adding a YubiKey GPG key onto a new machine

If you are using a YubiKey encryption scheme and want to add the key onto a new system, there are a few hoops to jump through. These instructions are for Ubuntu Trusty.

First, get set up for using the YubiKey:
sudo apt-get install gnupg-agent scdaemon pcscd pcsc-tools
You probably need to log out and back in. This post has extra setup, but I didn't have to do any of that; perhaps the GNOME keyring badness has been fixed now.

Now check your YubiKey is recognized:
gpg --card-status
Import the public key into the keyring and trust it:
gpg --import mykey_public_only.asc
gpg --expert --edit-key 123456
trust (set to ultimate)
You should now be good to go!
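
A scripted version of the import-and-trust steps above, as an added example that is not part of the original post: it sets ultimate trust only if every key fingerprint the card reports also appears in the imported key, which catches importing the wrong file. The function names are hypothetical, the sample records are constructed, and it assumes the `--with-colons` record layouts shown in those samples.

```shell
#!/bin/sh
# Constructed sample records (not real keys) in the two --with-colons formats.
P=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA   # constructed primary fingerprint
S=BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB   # constructed subkey fingerprint
SAMPLE_KEY="pub:u:4096:1:AAAAAAAAAAAAAAAA:1510000000:::u:::scESC:
fpr:::::::::$P:
sub:u:4096:1:BBBBBBBBBBBBBBBB:1510000000::::::e:
fpr:::::::::$S:"
SAMPLE_CARD="fpr::$S::"   # card record layout: fpr:<sig>:<enc>:<auth>:

# All fingerprints (primary key and subkeys) from a colon key listing on stdin.
key_fprs() { awk -F: '$1 == "fpr" { print $10 }'; }

# Primary key fingerprint: the first fpr record after the pub record.
primary_fpr() { awk -F: '$1 == "pub" { p = 1 } p && $1 == "fpr" { print $10; exit }'; }

# Fingerprints of the populated card slots from card-status colon output on stdin.
card_fprs() { awk -F: '$1 == "fpr" { for (i = 2; i <= NF; i++) if ($i != "") print $i }'; }

# Succeed only if the card list ($2) is non-empty and each entry is in the key list ($1).
card_matches_key() {
    [ -n "$2" ] || return 1
    for f in $2; do
        printf '%s\n' "$1" | grep -qxF "$f" || return 1
    done
}

# Import the key, compare it with the inserted card, then set ownertrust 6 (ultimate).
import_and_trust() {
    keyfile=$1 keyid=$2
    gpg --import "$keyfile" || return 1
    # --fingerprint twice makes older gpg print subkey fingerprints as well.
    listing=$(gpg --with-colons --fingerprint --fingerprint "$keyid") || return 1
    card=$(gpg --card-status --with-colons | card_fprs)
    if card_matches_key "$(printf '%s\n' "$listing" | key_fprs)" "$card"; then
        printf '%s:6:\n' "$(printf '%s\n' "$listing" | primary_fpr)" | gpg --import-ownertrust
    else
        echo "refusing to trust $keyid: the card's keys are not all part of it" >&2
        return 1
    fi
}

# With two arguments (key file, key ID) do the real import; otherwise run on the samples.
if [ "$#" -eq 2 ]; then
    import_and_trust "$1" "$2"
else
    card_matches_key "$(printf '%s\n' "$SAMPLE_KEY" | key_fprs)" \
        "$(printf '%s\n' "$SAMPLE_CARD" | card_fprs)" && echo "sample: card keys belong to $P"
fi
```

Called with the post's values it would be run as `sh script.sh mykey_public_only.asc 123456`, where `script.sh` is whatever name you save it under.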

