| Yubico Forum https://forum.yubico.com/ |
|
| master key and subkey for slot2 https://forum.yubico.com/viewtopic.php?f=35&t=2724 |
Page 1 of 1 |
| Author: | valgenova [ Thu Sep 28, 2017 10:05 am ] |
| Post subject: | master key and subkey for slot2 |
Hi, Im trying to configure my yubikey 4 with a new master key and subkey, so that I can use the subkey for ssh authentication. Based on the docs, I need to run the command gpg --expert --gen-key. But first I need to know what configuration slots Im setting up. The gpg2 --card-status doesnt say which configuration slot im setting up. The personalization tool doesnt show settings for sub-key. My question is, how do I know which configuration slot Im setting up, or is there a command to specifically say that im configuring up slot2. Hope you can help me. Thanks in advance valgenova |
|
| Author: | techwg [ Thu Sep 28, 2017 12:07 pm ] |
| Post subject: | Re: master key and subkey for slot2 |
The OpenPGP system does not use slots. It uses the smartcard feature. I have Yubico OTP in slot 1, challenge-response in slot 2, my OpenPGP key, all the certificates listed on the PIV manager that are possible to add and I have added about 6 of the, I think they are OATH? The ones where normally I would open up my phone's Google authenticator app to get the 6 digit code to do the 2-factor for a service that I am logging in. All that is on a single Yubikey. Although I know how to use the OpenPGP, I added all the certificates that the PIV manager can make and I have not a single clue on how to make use of them haha. |
|
| Author: | valgenova [ Sat Sep 30, 2017 3:30 am ] |
| Post subject: | Re: master key and subkey for slot2 |
Hi, Thank you for the reply, I have stored the master and subkey in the yubikey. I have this information in my yubikey when I run the --card-status Quote: Authentication key: 1234 567Y 098U GH99 OM76 XXXX XXXX XXX1 XXX2 XXX3 created ....: 2017-09-28 10:33:58 General key info..: sub rsa4096/123456789 2017-09-28 valgenova (test) <myaddres@mydomain.com> sec rsa4096/123456UI created: 2017-09-28 expires: 2019-09-28 ssb> rsa4096/098765YU created: 2017-09-28 expires: 2019-09-28 I also have generated my rsa_id.pub, with the output of the cardno in the id_rsa.pub, and uploaded it in the remote machine where I will be connecting to, when I uploaded the id_rsa.pub I change the cardno to myemail address as said in the forum. I then connect to that remote machine. I was able to connect with 2 steps authentication, as Yubikey for root login as the first authentication, and then ssh root login as the secondary authentication. My question is on the authentication, how can I make the Yubikey for root login the only step to login on the remote server? with my id_rsa.pub already uploaded on the remote machine . Thank you in advance valgenova |
|
| Author: | Morthawt [ Sat Sep 30, 2017 9:12 pm ] |
| Post subject: | Re: master key and subkey for slot2 |
That, I do not know. (this is my old name I got control back over). If it is not too complicated I would like to use my Yubikey to login to my linux VPS server via SSH using Putty. But from what I have come across, I think it is too much messing around for me. Unless I am wrong. |
|
| Page 1 of 1 | All times are UTC + 1 hour |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|