46 lines
1.4 KiB
Markdown
46 lines
1.4 KiB
Markdown
# Yubikey
|
|
|
|
A list of sites that my yubikey's are registerd with.
|
|
|
|
| Site | Primary Key Registered | Backup Key Registered |
|
|
| ----------- | :--------------------: | :-------------------: |
|
|
| Proton | ✅ | |
|
|
| Facebook | ✅ | |
|
|
| M4-Mac-Mini | ✅ | |
|
|
| github | ✅ | |
|
|
| gitea | ✅ | |
|
|
|
|
## Moving GPG keys onto Yubikey
|
|
|
|
[helpful-youtube-video](https://www.youtube.com/watch?v=xGsixSh6sC4)
|
|
|
|
The `GPG-Suite` application needs to be installed on macOS in order to interact with the yubikey.
|
|
This then gives you access to use the `gpg --card-edit` command that allows you to add gpg-keys to
|
|
the yubikey itself.
|
|
|
|
### Default PIN's for yubikey (need changed below).
|
|
|
|
1. User: 123456
|
|
1. Admin: 12345678
|
|
|
|
### Sequence (from memory, may be off / need checked).
|
|
|
|
1. `gpg --card-edit`
|
|
1. `admin`
|
|
|
|
## Setting up macOS to use gpg-agent for ssh
|
|
|
|
The following lines need added to `~/.gnupg/gpg-agent.conf`, `enable-ssh-support`.
|
|
|
|
```bash
|
|
echo enable-ssh-support > ~/.gnupg/gpg-agent.conf
|
|
```
|
|
|
|
The following lines were added to `.zshrc` to enable the usage of the gpg-agent for ssh (should need
|
|
to be done again, as long as dotfiles are installed and linked correctly).
|
|
|
|
```bash
|
|
gpgconf --launch gpg-agent
|
|
export SSH_AUTH_SOCK=~/.gnupg/S.gpg-agent.ssh
|
|
```
|