Yubico Forum :: View topic - Yubikey 4 gpg decrypting [Solved]

gpg2 --version
gpg (GnuPG) 2.1.11
libgcrypt 1.6.5
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gpg2 --card-edit
gpg: WARNING: unsafe ownership on configuration file '/home/cyanide/.gnupg/gpg.conf'

Reader ...........: 1050:0407:X:0
Application ID ...: D2760001240102010006047107010000
Version ..........: 2.1
Manufacturer .....: Yubico
Serial number ....: 04710701
Name of cardholder: [not set]
Language prefs ...: en
Sex ..............: unspecified
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: not forced
Key attributes ...: rsa4096 rsa4096 rsa4096
Max. PIN lengths .: 127 127 127
PIN retry counter : 3 0 3
Signature counter : 5
Signature key ....: CD73 B7E9 0BF5 1ACD 561A 66FA 6FB2 5141 963F A26E
created ....: 2016-09-02 05:49:01
Encryption key....: 0A77 9636 A665 3C9E 6F22 E708 D5D2 8229 7A76 A083
created ....: 2016-09-02 05:49:01
Authentication key: F00F 61A3 B2B1 B3DE AD25 FF03 0F1C 7113 AEBE BA99
created ....: 2016-09-02 05:54:22
General key info..: pub rsa4096/963FA26E 2016-09-02 Strychnine
sec> rsa4096/963FA26E created: 2016-09-02 expires: never
card-no: 0006 04710701

Author:	uniden [ Fri Sep 02, 2016 10:28 pm ]
Post subject:	Yubikey 4 gpg decrypting [Solved]
I have a Yubikey 4 and followed the following tutorial on a windows machine with gpg4win installed https://developers.yubico.com/PGP/Importing_keys.html. I’m able to encrypt and decrypt files without a problem on windows however on my laptop (Linux mint 18) im only able to encrypt files since I exported and copied my public key from my windows machine. Im sure im missing something very simple here but any help would be greatly appreciated. Code: gpg2 --version gpg (GnuPG) 2.1.11 libgcrypt 1.6.5 Copyright (C) 2016 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Code: gpg2 --card-edit gpg: WARNING: unsafe ownership on configuration file '/home/cyanide/.gnupg/gpg.conf' Reader ...........: 1050:0407:X:0 Application ID ...: D2760001240102010006047107010000 Version ..........: 2.1 Manufacturer .....: Yubico Serial number ....: 04710701 Name of cardholder: [not set] Language prefs ...: en Sex ..............: unspecified URL of public key : [not set] Login data .......: [not set] Signature PIN ....: not forced Key attributes ...: rsa4096 rsa4096 rsa4096 Max. PIN lengths .: 127 127 127 PIN retry counter : 3 0 3 Signature counter : 5 Signature key ....: CD73 B7E9 0BF5 1ACD 561A 66FA 6FB2 5141 963F A26E created ....: 2016-09-02 05:49:01 Encryption key....: 0A77 9636 A665 3C9E 6F22 E708 D5D2 8229 7A76 A083 created ....: 2016-09-02 05:49:01 Authentication key: F00F 61A3 B2B1 B3DE AD25 FF03 0F1C 7113 AEBE BA99 created ....: 2016-09-02 05:54:22 General key info..: pub rsa4096/963FA26E 2016-09-02 Strychnine sec> rsa4096/963FA26E created: 2016-09-02 expires: never card-no: 0006 04710701

Author:	SporkWitch [ Sat Sep 03, 2016 3:40 am ]
Post subject:	Re: Yubikey 4 gpg decrypting
uniden wrote: I have a Yubikey 4 and followed the following tutorial on a windows machine with gpg4win installed https://developers.yubico.com/PGP/Importing_keys.html. I’m able to encrypt and decrypt files without a problem on windows however on my laptop (Linux mint 18) im only able to encrypt files since I exported and copied my public key from my windows machine. Im sure im missing something very simple here but any help would be greatly appreciated. On source: Code: gpg2 --export-secret-keys 0xDEADBEEFDEADBEEF > privkey.gpg On destination: Code: gpg2 --import /path/to/privkey.gpg Even though the keys themselves are stored on the token, they're still stubbed out in the keyring, otherwise the system wouldn't know it had any secret keys, let alone where to look for them. This means that you still need to export the secret keys and import them on the destination system, so that the destination is aware of their existence and where to find them if they're needed. UPDATE: A better way to handle this follows. Code: $ gpg2 --card-edit [information from your card here] gpg/card> fetch [retrieving <keyid> from keyserver, import messages] gpg/card> q $ gpg --card-statue The keys stored on the token should now be stubbed on your local copy of the key and available for use. This method requires that you have the url set on the card (via gpg --card-edit), otherwise the fetch command won't know where to get the public key from. If you haven't set the url (or it doesn't work; I'm currently troubleshooting a bug where it says it's retrieving the key, but doesn't actually import it, and there's no error output), you can import the pubkey by whatever means are convenient, then do gpg --card-status to update it with the correct stubs.

Author:	uniden [ Sat Sep 03, 2016 8:45 am ]
Post subject:	Re: Yubikey 4 gpg decrypting
That was it, its working now thank you

Yubico Forum https://forum.yubico.com/

Yubikey 4 gpg decrypting [Solved] https://forum.yubico.com/viewtopic.php?f=35&t=2410	Page 1 of 1

Page 1 of 1	All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/