Yubico Forum https://forum.yubico.com/ |
|
How to backup a YubiKey when all keys are moved to it? https://forum.yubico.com/viewtopic.php?f=35&t=2550 |
Page 1 of 1 |
Author: | TheStigh [ Wed Feb 01, 2017 5:29 pm ] |
Post subject: | How to backup a YubiKey when all keys are moved to it? |
Hi, After moving all keys from the local certificate to the YubiKey 4 (according to https://github.com/drduh/YubiKey-Guide/ ... public-key) I would like to have a backup YubiKey stored on a safe location. Is it possible to do this by any commands or routine? The only way I see it at the moment is to: - Delete all existing local keyrings/trust.db - Import the backed up certificate - Re-do the procedure (https://github.com/drduh/YubiKey-Guide/ ... public-key) to the new YubiKey Hopefully there is an easier way... |
Author: | Mathieulh [ Wed Feb 08, 2017 3:55 pm ] |
Post subject: | Re: How to backup a YubiKey when all keys are moved to it? |
TheStigh wrote: Hi, After moving all keys from the local certificate to the YubiKey 4 (according to https://github.com/drduh/YubiKey-Guide/ ... public-key) I would like to have a backup YubiKey stored on a safe location. Is it possible to do this by any commands or routine? The only way I see it at the moment is to: - Delete all existing local keyrings/trust.db - Import the backed up certificate - Re-do the procedure (https://github.com/drduh/YubiKey-Guide/ ... public-key) to the new YubiKey Hopefully there is an easier way... -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 It's actually the only way, you need to use the gpg --delete-secret-keys command and to import your subkeys again to your new yubikey (after using the gpg --card-status command) (you need to have exported these BEFORE using the keytocard command, otherwise they are lost and you need to revoke those subkeys and generate (and export) new ones, assuming you still have access to your master key.) -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJYmzF6AAoJEKa4nBz3AlIIrzAH/RMuvtMXfwCNlnBJUQ3Ly/ED Fy+nBJFtNdPQe9/8ndgbRbghtjKDTRr5u9Nzw3H0VAKFxhi5b22VNZ0Xbt8199/Q O4MjDSUD+lKkmvHtsJdC/xsXk7pkJeQP4h2DzjimZjgWgK5lRlQqXtqW57+CrrSR ldZ5hIOw8M9W8q3tuEdibD99P5ASw7S08XSum3wxyPx7Yje4KN1xvx+SVAFutYLJ TtGAx3yv+1Up9AnANhTEgGXqAS0JrxTgCkA/o87vnMplzThD2IspgUzyze7PoIlG 8/3awVMIIpuHYdyb/EfsXui8Ey8y3ZvrDikT4y+Fnk7TthkNXnzsQCvRsLcakQM= =gnbK -----END PGP SIGNATURE----- |
Page 1 of 1 | All times are UTC + 1 hour |
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |