Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 1:43 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 2 posts ] 
Author Message
PostPosted: Thu Dec 29, 2016 8:11 pm 
Offline

Joined: Thu Dec 29, 2016 7:48 pm
Posts: 1
Hi,

I want to decrypt and sign email and use my NEO for SSH logons. I've mostly used the tutorial @<https://github.com/drduh/YubiKey-Guide>. Actions and results:

    - Created key material on an airgapped PC.
    - Keys:
      - Master key on secure offline media.
      - Encryption key on NEO.
      - Signing key on NEO.
      - Authentication key on NEO.
    - SSH:
      - Configured SSH on Ubuntu.
      - Installed Kleopatra and GPG agent on Windows 10.
      - Logons to Ubuntu with PuTTY and NEO work: success!
    - Mail GPG:
      - gpg --import publickey.asc: success.
      - gpg --card-status etc.: success.
      - gpg encryptedmessage.asc: success. So the NEO is used for decryption.

In short: the setup seems to work perfectly fine.

However I've got a problem: I cannot get Kleopatra to work with the NEO setup. What I've tried - similar to above but in Kleopatra:

    - Import publickey.asc (same file as above): "Total number of processed:1, Imported: 0".
    - Decrypt encryptedmessage.asc (same file as above): "Verification failed: general error".

Question: how can I get Kleopatra to work with my NEO?

Thanks,

Jeroen


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Fri Jan 20, 2017 11:18 am 
Offline

Joined: Fri Mar 20, 2015 4:35 pm
Posts: 4
jero0en wrote:
Hi,

I want to decrypt and sign email and use my NEO for SSH logons. I've mostly used the tutorial @<https://github.com/drduh/YubiKey-Guide>. Actions and results:

    - Created key material on an airgapped PC.
    - Keys:
      - Master key on secure offline media.
      - Encryption key on NEO.
      - Signing key on NEO.
      - Authentication key on NEO.
    - SSH:
      - Configured SSH on Ubuntu.
      - Installed Kleopatra and GPG agent on Windows 10.
      - Logons to Ubuntu with PuTTY and NEO work: success!
    - Mail GPG:
      - gpg --import publickey.asc: success.
      - gpg --card-status etc.: success.
      - gpg encryptedmessage.asc: success. So the NEO is used for decryption.

In short: the setup seems to work perfectly fine.

However I've got a problem: I cannot get Kleopatra to work with the NEO setup. What I've tried - similar to above but in Kleopatra:

    - Import publickey.asc (same file as above): "Total number of processed:1, Imported: 0".
    - Decrypt encryptedmessage.asc (same file as above): "Verification failed: general error".

Question: how can I get Kleopatra to work with my NEO?

Thanks,

Jeroen


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512


You clearly need to read up on PGP.
Encrypting is done with the public key (which you did import, though you could have done this an easier way using the fetch command along with the gpg --card-edit if you did set url to your key)
Decrypting is however done with the private subkey (which is supposed to be stored on your card

Try doing the following:

Upload your public key somewhere (preferably a keyserver such as pgp.mit.edu or keybase.io)
Set the url to your pgp card/yubikey using the gpg --card-edit command, then the admin command and finally the url command.

Delete your key entirely from your computer (public and private stubs)

Use gpg --card-edit command then fetch command
Finally use the gpg --card-status command
-----BEGIN PGP SIGNATURE-----

iQFfBAEBCgBJQhxNYXRoaWV1IEhFUlZBSVMgKEdlbmVyYXRlZCBmb3IgWXViaWtl
eSBORU8pIDxtYXRoaWV1bGhAZ21haWwuY29tPgUCWIHjqwAKCRCmuJwc9wJSCM+D
B/9GoHl7sycgDcHke3FwfTr1YI65EZb34HepmkcPxUnwHxRykTHbGU3PK27x0vOV
UzfNNc/C3bvWm2UXfaM2b00vDws1n/L8TN63dm6AY42RM2MWjB9MEd2AsMn8zIMR
wpZQAoqKgMgTCFQTuC11P4gMAGzzrMzjm2WebqD3oCnTNRrvBLLiyS7e08BTRGKN
6zYRu+aDU2PJfRk8C0x3UBWfPtrcAOncNf/4a3yKKyFV4B7DotAgKaHvGT4Wbnre
67Aerkl0LENGLb5iDJa46ZvAkpGOI1FMleEmf+oZ/bP2lZ2OiX3D3WIhMm6mdKN5
XLAt7/qufEsy9l3k7bIUmtZ4
=yF3X
-----END PGP SIGNATURE-----

_________________
---
PGP Fingerprint: DF46 8C79 5D1A 76FF 75B2 C345 4679 EDEF 1B5B B192

Public Key:
https://keybase.io/mathieulh/pgp_keys.asc?fingerprint=df468c795d1a76ff75b2c3454679edef1b5bb192

Proof: https://keybase.io/mathieulh


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: Heise IT-Markt [Crawler] and 12 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group