78164e8bfd
Set touch policy to fixed.
...
Setting the touch policy to `on` does not prevent the policy from
later being turned off again. Setting it to `fixed` is more secure
because it can not be turned off.
If someone wants to disable the touch policy they can always restore
the keys from the backups created in the guide.
4 years ago
a7ef91d4d8
Merge pull request #190 from schmie/add-info-on-PIN-issues-and-debugging-them
...
Add information on potential PIN issues and how to debug them
4 years ago
e1055025fe
Add information on potential PIN issues and how to debug them
...
I missed the error message when attempting to set a PIN of only 5 characters due
to the UI repeating the options below it.
Pinentry happily stores the bogus PIN and even counts down the retry counter
when entering the correct (default) one. This can be resolved by unblocking the
PIN.
Once I ran the gpg-agent with debug output (a tip found in the added link), the
issue was obvious.
4 years ago
ccb8b0130a
Stack rank secure environment and add a few tips
4 years ago
0bd52ed7d8
Merge pull request #185 from vald-phoenix/fix-borken-anchor
...
Fix broken anchor
4 years ago
26883ba160
Merge pull request #189 from mmaeusezahl/fix_revocation_command
...
Fix order of revocation command
4 years ago
1cf9656b33
Fix order of revocation command.
...
According to 'man gpg' the order of arguments should be
gpg [--homedir name] [--options file] [options] command [args]
In this case '--gen-revoke' is the command, '$KEYID' is an argument and
'--output $GNUPGHOME/revoke.asc' is an option. Previously this was
incorrect (option came first) and would spawn an error.
4 years ago
0f850c5d2b
Merge pull request #187 from mikem/rotate-edit-in-expert-mode
...
Include --expert when editing master key
4 years ago
de13c8dba6
Include --expert when editing master key
...
This is specifically during setup when rotating keys.
4 years ago
4c1d538c60
Fix broken anchor
...
There are two anchors with the same name and this breaks navigation.
4 years ago
740f0745f5
Merge pull request #184 from jstelzer/gpg-on-second-computer
...
Gpg on second computer
4 years ago
aea317b527
Clarified wording
4 years ago
07134a4e4f
GPG keys on multiple computers
...
I feel like this took me longer to figure out than it should have.
4 years ago
93cbbd9d8b
Address throw-keyids issue with mailvelope to fix #178
4 years ago
46d1d89115
Split export pubkey from backup to fix #175
4 years ago
bf38b94a65
Disambiguate backup volume label to fix #176 .
4 years ago
aad01ffde4
Merge pull request #180 from vald-phoenix/yubikey-reset-by-ykman
...
Describe ykman PGP keys reset
4 years ago
3be47a8c32
Merge pull request #179 from vald-phoenix/multiple-yubikeys
...
Describe card serial number error
4 years ago
a1a4a303f9
Merge pull request #177 from apiraino/revoke-cert
...
Add instructions to create a revoke certificate
4 years ago
afd3fafcc5
Merge pull request #170 from murphy83/Abort-Trick
...
Added some additonal text describing alternatives that may be used
4 years ago
44d76ac5ab
Describe card serial number error
4 years ago
6108558645
Describe ykman PGP keys reset
4 years ago
2698cecd4c
Add instruction to create a revoke certificate
4 years ago
42085bb86b
Merge pull request #172 from codesections-forks/master
...
Add steps for renewing (not rotating) sub-keys
4 years ago
b5adb349ad
Add steps for renewing (not rotating) sub-keys
...
As discussed in issue #164 , the current section on Rotating Keys
presents two alternatives: replacing the existing keys with a newly
generated key or extending the validity of existing keys by changing
their expiration. However, it only provides instructions for the
first approach. This commit adds instructions for renewing sub-keys.
I am far from an expert, and am submitting this change mostly in hopes
that it will provide documentation for the next time I need to renew
my sub-keys. I would welcome any changes or clarifications others
would care to offer.
4 years ago
db1d86cdd8
Added some additonal text describing alternatives that may be used
4 years ago
2c2cec316c
Bump Debian version, license year
4 years ago
2fc50760db
Merge pull request #160 from rvl/nixos
...
Add instructions for NixOS
4 years ago
51ed654e43
Merge pull request #159 from rvl/multiple-yubikeys
...
Add more detail about what to do with multiple YubiKeys
4 years ago
4a3647897d
Merge pull request #158 from rvl/primary-user-id
...
Add information about setting the primary user ID
4 years ago
bb5184a0b3
Add instructions for NixOS
...
I just tested these steps on a spare laptop.
4 years ago
b45174f185
Add more detail about what to do with multiple YubiKeys
4 years ago
6cd76216c5
Add information about setting the primary user ID
4 years ago
a17ba2d51e
Merge pull request #157 from ilpianista/patch-1
...
Fix gnupg package name for Arch
4 years ago
8f10cd5819
Fix gnupg package name for Arch
...
`gnupg2` has been [removed since March 2012](https://lists.archlinux.org/pipermail/arch-dev-public/2012-March/022690.html )
4 years ago
527c6a3b20
Merge pull request #155 from wsyxbcl/patch-1
...
fix broken links
4 years ago
bb0a0d1ac8
fix broken links
4 years ago
c0f19bdae7
Merge pull request #154 from pheuter/patch-1
...
Update GitHub instructions on Windows
4 years ago
e4a063e0f0
Update GitHub instructions on Windows
...
Add command to instruct Git to use WinGPG
4 years ago
1b5a2fefd8
Formatting cleanup
4 years ago
be7addad3c
Use larger partition sizes to fix #149 .
4 years ago
9bc4e6b24e
Merge pull request #147 from gusttt/patch-1
...
Fix typo in table of contents link
4 years ago
908d3172a4
Fix typo in table of contents link
4 years ago
04127d566b
Document issue #145 and fix #142
4 years ago
11d6e1aff6
Fix url formatting
5 years ago
701d9eb50f
Update Debian version and fix #137
5 years ago
e262092b0a
Merge pull request #141 from maximbaz/patch-1
...
Mention yubikey-touch-detector
5 years ago
35e443f8cc
Mention yubikey-touch-detector
5 years ago
eed8c3dd8c
Merge pull request #140 from iMilnb/master
...
Added a fix for failing ssh / GUI pinentry
5 years ago
137300a713
Added a fix for failing ssh / GUI pinentry
5 years ago
Kenny MacDermid