Yubico Forum https://forum.yubico.com/ |
[QUESTION] GPG key stored on yubikey not recognised by GPG? https://forum.yubico.com/viewtopic.php?f=26&t=1785 |
Page 1 of 1 |
Author: | yubi [ Fri Mar 13, 2015 3:28 am ] |
Post subject: | [QUESTION] GPG key stored on yubikey not recognised by GPG? |
I have a Yubikey NEO. By following various guides, I eventually got this working on Linux Mint 17.1. With the second slot in CCID mode, I was able to transfer a gpg private key from my keyring to the yubikey. So

Code:
gpg2 --card-status

shows the details of my card as expected.

However, I can't figure out how to actually use the key stored on the yubikey. I believe it should be the case that when I do

Code:
gpg -K

gpg should recognise the keyring on the card and display it in a separate section. Once that is the case, one can use the key to encrypt/decrypt just as normal. Is that correct? If not, what am I missing?
Author: | Uriel [ Fri Mar 13, 2015 3:18 pm ] |
Post subject: | Re: [QUESTION] GPG key stored on yubikey not recognised by G |
I think you need to have gpg-agent and scdaemon running. I happened to have GPGTools installed, so adjust the following for your installation.

~/.gnupg/gpg-agent.conf:

Code:
pinentry-program /usr/local/MacGPG2/libexec/pinentry-mac.app/Contents/MacOS/pinentry-mac
#pinentry-program /Applications/MacPorts/pinentry-mac.app/Contents/MacOS/pinentry-mac
scdaemon-program /usr/local/MacGPG2/libexec/scdaemon
enable-ssh-support
write-env-file
default-cache-ttl 600
max-cache-ttl 7200

~/.gnupg/scdaemon.conf:

Code:
reader-port "Yubico Yubikey NEO OTP+U2F+CCID 00 00"
reader-port "Yubico Yubikey NEO OTP+U2F+CCID 01 00"
pcsc-driver /System/Library/Frameworks/PCSC.framework/PCSC
disable-ccid
# Release the card after 15 seconds
card-timeout 15
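
Added example, not part of either post above: a shell helper that reads the colon-format secret key listing and reports, per key, whether the keyring holds a card stub, an on-disk key, or nothing usable. It relies on field 15 of the `--with-colons` output as documented in GnuPG's doc/DETAILS; the function names, key IDs and card serial number below are constructed for illustration.

```shell
#!/bin/sh
# Classify secret keys from a colon listing read on stdin.
# Real use:  gpg2 -K --with-colons | classify_secret_keys
# Field 1 = record type (sec/ssb), field 5 = key ID, field 15 = token info:
#   card serial number -> key material lives on a smartcard (stub in keyring)
#   "#"                -> bare stub, secret part not available
#   "+" or empty       -> secret key held on disk
classify_secret_keys() {
    awk -F: '
        $1 == "sec" || $1 == "ssb" {
            loc = "disk"
            if ($15 == "#")                   loc = "missing"
            else if ($15 != "" && $15 != "+") loc = "card:" $15
            print $1, $5, loc
        }'
}

# Constructed sample listing (key IDs and card serial are made up).
sample_listing() {
    cat <<'EOF'
sec:u:2048:1:AAAAAAAAAAAAAAAA:1426200000:::u:::scESC:::#:::
uid:u::::1426200000::0000000000000000000000000000000000000000::Example User <user@example.org>:
ssb:u:2048:1:BBBBBBBBBBBBBBBB:1426200000::::::e:::D2760001240102000006000000010000:::
ssb:u:2048:1:CCCCCCCCCCCCCCCC:1426200000::::::s:::+:::
EOF
}

# Exit status 0 only if at least one secret key is backed by a card.
has_card_key() {
    classify_secret_keys | grep -q ' card:'
}

sample_listing | classify_secret_keys
```

If no line reports `card:`, the keyring has no stub pointing at the token, so the gpg binary being queried has nothing to hand off to gpg-agent and scdaemon.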
All times are UTC + 1 hour