mirror of
https://github.com/drduh/YubiKey-Guide.git
synced 2024-11-22 15:28:06 +00:00
Merge pull request #291 from gaffneyd4/improve-recovery-guide
Added clearer recovery options
This commit is contained in:
commit
fe6434577b
@ -80,6 +80,7 @@ If you have a comment or suggestion, please open an [Issue](https://github.com/d
|
|||||||
* [Mailvelope on macOS](#mailvelope-on-macos)
|
* [Mailvelope on macOS](#mailvelope-on-macos)
|
||||||
* [Mutt](#mutt)
|
* [Mutt](#mutt)
|
||||||
- [Reset](#reset)
|
- [Reset](#reset)
|
||||||
|
- [Recovery after reset](#recovery-after-reset)
|
||||||
- [Notes](#notes)
|
- [Notes](#notes)
|
||||||
- [Troubleshooting](#troubleshooting)
|
- [Troubleshooting](#troubleshooting)
|
||||||
- [Alternatives](#alternatives)
|
- [Alternatives](#alternatives)
|
||||||
@ -2647,7 +2648,7 @@ To enable GnuPG support, one can just use the config file `gpg.rc` provided by m
|
|||||||
|
|
||||||
If PIN attempts are exceeded, the card is locked and must be [reset](https://developers.yubico.com/ykneo-openpgp/ResetApplet.html) and set up again using the encrypted backup.
|
If PIN attempts are exceeded, the card is locked and must be [reset](https://developers.yubico.com/ykneo-openpgp/ResetApplet.html) and set up again using the encrypted backup.
|
||||||
|
|
||||||
Copy the following script to a file and run `gpg-connect-agent --run $file` to lock and terminate the card. Then re-insert YubiKey to reset.
|
Copy the following script to a file and run `gpg-connect-agent -r $file` to lock and terminate the card. Then re-insert YubiKey to reset.
|
||||||
|
|
||||||
```console
|
```console
|
||||||
/hex
|
/hex
|
||||||
@ -2677,6 +2678,12 @@ Reset code: NOT SET
|
|||||||
Admin PIN: 12345678
|
Admin PIN: 12345678
|
||||||
```
|
```
|
||||||
|
|
||||||
|
# Recovery after reset
|
||||||
|
|
||||||
|
If for whatever reason you need to reinstate your YubiKey from your master key backup (such as the one stored on an encrypted USB described in [Backup](#backup)), follow the following steps in [Rotating keys](#rotating-keys) to setup your environment, and then follow the steps of again [Configure Smartcard](#configure-smartcard).
|
||||||
|
|
||||||
|
Before you unmount your backup, ask yourself if you should make another one just in case.
|
||||||
|
|
||||||
# Notes
|
# Notes
|
||||||
|
|
||||||
1. YubiKey has two configurations: one invoked with a short press, and the other with a long press. By default, the short-press mode is configured for HID OTP - a brief touch will emit an OTP string starting with `cccccccc`. If you rarely use the OTP mode, you can swap it to the second configuration via the YubiKey Personalization tool. If you *never* use OTP, you can disable it entirely using the [YubiKey Manager](https://developers.yubico.com/yubikey-manager) application (note, this not the similarly named older YubiKey NEO Manager).
|
1. YubiKey has two configurations: one invoked with a short press, and the other with a long press. By default, the short-press mode is configured for HID OTP - a brief touch will emit an OTP string starting with `cccccccc`. If you rarely use the OTP mode, you can swap it to the second configuration via the YubiKey Personalization tool. If you *never* use OTP, you can disable it entirely using the [YubiKey Manager](https://developers.yubico.com/yubikey-manager) application (note, this not the similarly named older YubiKey NEO Manager).
|
||||||
|
Loading…
Reference in New Issue
Block a user