Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 2:15 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 3 posts ] 
Author Message
PostPosted: Fri Sep 02, 2016 10:28 pm 
Offline

Joined: Fri Sep 02, 2016 10:18 pm
Posts: 2
I have a Yubikey 4 and followed the following tutorial on a windows machine with gpg4win installed https://developers.yubico.com/PGP/Importing_keys.html. I’m able to encrypt and decrypt files without a problem on windows however on my laptop (Linux mint 18) im only able to encrypt files since I exported and copied my public key from my windows machine. Im sure im missing something very simple here but any help would be greatly appreciated.

Code:
gpg2 --version
gpg (GnuPG) 2.1.11
libgcrypt 1.6.5
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.


Code:
gpg2 --card-edit
gpg: WARNING: unsafe ownership on configuration file '/home/cyanide/.gnupg/gpg.conf'

Reader ...........: 1050:0407:X:0
Application ID ...: D2760001240102010006047107010000
Version ..........: 2.1
Manufacturer .....: Yubico
Serial number ....: 04710701
Name of cardholder: [not set]
Language prefs ...: en
Sex ..............: unspecified
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: not forced
Key attributes ...: rsa4096 rsa4096 rsa4096
Max. PIN lengths .: 127 127 127
PIN retry counter : 3 0 3
Signature counter : 5
Signature key ....: CD73 B7E9 0BF5 1ACD 561A  66FA 6FB2 5141 963F A26E
      created ....: 2016-09-02 05:49:01
Encryption key....: 0A77 9636 A665 3C9E 6F22  E708 D5D2 8229 7A76 A083
      created ....: 2016-09-02 05:49:01
Authentication key: F00F 61A3 B2B1 B3DE AD25  FF03 0F1C 7113 AEBE BA99
      created ....: 2016-09-02 05:54:22
General key info..: pub  rsa4096/963FA26E 2016-09-02 Strychnine
sec>  rsa4096/963FA26E  created: 2016-09-02  expires: never     
                        card-no: 0006 04710701


Last edited by uniden on Sat Sep 03, 2016 8:46 am, edited 1 time in total.

Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Sat Sep 03, 2016 3:40 am 
Offline
User avatar

Joined: Fri Aug 26, 2016 5:44 pm
Posts: 25
Location: Rochester, New York, USA
uniden wrote:
I have a Yubikey 4 and followed the following tutorial on a windows machine with gpg4win installed https://developers.yubico.com/PGP/Importing_keys.html. I’m able to encrypt and decrypt files without a problem on windows however on my laptop (Linux mint 18) im only able to encrypt files since I exported and copied my public key from my windows machine. Im sure im missing something very simple here but any help would be greatly appreciated.

On source:
Code:
gpg2 --export-secret-keys 0xDEADBEEFDEADBEEF > privkey.gpg

On destination:
Code:
gpg2 --import /path/to/privkey.gpg


Even though the keys themselves are stored on the token, they're still stubbed out in the keyring, otherwise the system wouldn't know it had any secret keys, let alone where to look for them. This means that you still need to export the secret keys and import them on the destination system, so that the destination is aware of their existence and where to find them if they're needed.

UPDATE: A better way to handle this follows.
Code:
$ gpg2 --card-edit
[information from your card here]
gpg/card> fetch
[retrieving <keyid> from keyserver, import messages]
gpg/card> q
$ gpg --card-statue


The keys stored on the token should now be stubbed on your local copy of the key and available for use. This method requires that you have the url set on the card (via gpg --card-edit), otherwise the fetch command won't know where to get the public key from.

If you haven't set the url (or it doesn't work; I'm currently troubleshooting a bug where it says it's retrieving the key, but doesn't actually import it, and there's no error output), you can import the pubkey by whatever means are convenient, then do gpg --card-status to update it with the correct stubs.

_________________
Keybase User: sporkwitch
PGP Public Key: B54A 454A 2B29 9D83 0201 CB1B C136 07BD 83A9 E927


Last edited by SporkWitch on Tue Sep 27, 2016 10:46 am, edited 1 time in total.

Top
 Profile  
Reply with quote  
PostPosted: Sat Sep 03, 2016 8:45 am 
Offline

Joined: Fri Sep 02, 2016 10:18 pm
Posts: 2
That was it, its working now :D thank you


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 3 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 5 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group