@ -4,6 +4,8 @@ Keys stored on YubiKey are [non-exportable](https://support.yubico.com/support/s
**New!** [drduh/Purse](https://github.com/drduh/Purse) is a password manager which uses GPG and YubiKey.
**New!** [drduh/Purse](https://github.com/drduh/Purse) is a password manager which uses GPG and YubiKey.
**Security Note**: If you followed this guide before Jan 2021, your PUK (Pin Unblock Key) may be set to its default value of `12345678`. An attacker can use this to reset your PIN and use your Yubikey. Please see the [Change PUK](#change-puk) section for details on how to change your PUK.
If you have a comment or suggestion, please open an [Issue](https://github.com/drduh/YubiKey-Guide/issues) on GitHub.
If you have a comment or suggestion, please open an [Issue](https://github.com/drduh/YubiKey-Guide/issues) on GitHub.
- [Purchase](#purchase)
- [Purchase](#purchase)
@ -326,7 +328,7 @@ From YubiKey firmware version 5.2.3 onwards - which introduces "Enhancements to
## YubiKey
## YubiKey
To feed the system's PRNG with entropy generated by the YubiKey itself, issue:
To feed the system's PRNG with entropy generated by the YubiKey itself, issue:
```console
```console
$ echo "SCD RANDOM 512" | gpg-connect-agent | sudo tee /dev/random | hexdump -C
$ echo "SCD RANDOM 512" | gpg-connect-agent | sudo tee /dev/random | hexdump -C
```
```
This will seed the Linux kernel's PRNG with additional 512 bytes retrieved from the YubiKey.
This will seed the Linux kernel's PRNG with additional 512 bytes retrieved from the YubiKey.
Nemo
3 years ago