drduh
569231bf2b
Note to permasave password to fix #206
2021-08-15 16:12:36 -07:00
drduh
371d4ec77b
Mention the yubikey troubleshooting guide for gpg to fix #217
2021-08-15 15:46:14 -07:00
drduh
7bfae57336
Update filenames to fix #222
2021-08-15 15:42:53 -07:00
drduh
a02350f318
Merge pull request #276 from pedrohdz-scrap/clarify.pins-take.2
...
Clarified PIN config
2021-08-15 15:36:44 -07:00
drduh
92e2a5e8ac
Merge pull request #262 from iandstanley/patch-1
...
switching between Yubikeys
2021-08-15 15:24:30 -07:00
drduh
8816d9759f
Merge pull request #264 from iandstanley/master
...
added mention of ssh key support for blue security keys
2021-08-15 15:22:11 -07:00
Pedro H
1a83925dda
Expanded on GPG PIN config
2021-08-10 14:37:28 +02:00
Andrew Martinez
87f48f547b
clarify pins, drduh/YubiKey-Guide#248
...
- define each pin name, default, usage
- call out special admin pin restrictions
2021-08-10 12:50:36 +02:00
Sven Reissmann
23caa2c36b
Update nixos LiveCD example
...
````nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-graphical-kde.nix```` no longer exists.
Update to ````nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-graphical-plasma5.nix````
2021-07-05 10:19:58 +02:00
Ian Stanley
15bb00b428
added mention of ssh key support for blue security keys
...
As detailed in their recent press release and blog post
https://www.yubico.com/blog/github-now-supports-ssh-security-keys/
2021-06-08 20:59:02 +01:00
Ian Stanley
f6818480a5
added to section multiple Yubikeys section re: switching between Yubikeys
...
section describes the issue and the remedy for GPG stubs only pointing to the Yubikey that was last subject to the keytocard command
2021-06-04 22:47:38 +01:00
drduh
20dd0687cd
Merge pull request #247 from jamesob/jamesob-21-03-pass-trouble
...
Add note about pass insert error and `trust-key` usage
2021-05-31 16:21:51 +00:00
drduh
21c0e03cd0
Merge pull request #246 from whiskeysierra/patch-1
...
Update usage of ykman
2021-05-31 16:21:24 +00:00
drduh
6490586595
Merge pull request #232 from captn3m0/warning
...
[security] Adds warning about PUK being default
2021-05-31 16:19:49 +00:00
drduh
1566801177
Merge pull request #231 from captn3m0/change-puk
...
Adds instructions on changing the PUK
2021-05-31 16:19:29 +00:00
Michael Vorburger ⛑️
49bfbf81ed
Add hint re. (new) ssh-keygen -t ed25519-sk
2021-05-01 16:20:32 +02:00
James O'Beirne
47cd085518
Add note about pass insert error and trust-key
usage
...
When using a previously provisioned YubiKey on a new computer,
I was met with an "Unusable public key" error when trying to insert
a new password, despite being able to decrypt pass entries.
I tried setting the trust on the key via `gpg --edit-key`, but was
then met with "Need secret key to do this."
I found that the solution is apparently to use the `trust-key`
directive in `~/.gnupg/gpg.conf`, which is not mentioned in the README
at the moment.
2021-03-25 11:40:22 -04:00
Willi Schönborn
592bdc5733
Update usage of ykman
...
Fixes the following warning:
WARNING: The use of this command is deprecated and will be removed!
Replace with: ykman openpgp keys set-touch
2021-03-24 14:51:38 +01:00
drduh
de29a9e45c
Merge pull request #242 from inducer/patch-1
...
Fix: "quit" to save -> "save" to save
2021-02-11 17:11:41 -08:00
drduh
1d03a5201d
Merge pull request #240 from basbebe/macOS-GUI-setup
...
Add SSH setup for macOS GUI applications
2021-02-08 22:55:21 -08:00
berwag
fb4d390317
Update README.md
2021-02-04 19:39:15 +01:00
berwag
4370ba86ac
Update README.md
...
changed wording according to yubischiess' comment
2021-01-28 11:19:53 +01:00
berwag
ed85d93845
Additions to "Required Software"
...
proposed change according to Issue#215
2021-01-27 20:24:51 +01:00
Andreas Klöckner
d921fa05bb
Fix: "quit" to save -> "save" to save
2021-01-13 11:32:41 -06:00
basbebe
a65cdca19a
add fish config
2021-01-10 20:01:55 +01:00
basbebe
9fe946c8b1
Add SSH setup for macOS GUI applications
...
On macOS, a LaunchAgent needs to be created to overwrite the system's SSH agent.
see https://github.com/drduh/YubiKey-Guide/issues/229
2021-01-10 19:54:58 +01:00
drduh
4544d41d4c
Merge pull request #225 from ZenithalHourlyRate/gpg-agent-forward
...
Add New Agent Forward Method and Clarify Two Methods
2020-12-30 09:14:23 -08:00
Nemo
548b2adf2b
Adds warning about PUK being default
2020-12-25 12:52:39 +05:30
Nemo
8c5dfd2475
Adds instructions on changing the PUK
2020-12-25 12:49:06 +05:30
Zenithal
1eacf97835
Rephrase one sentence according to one comment on drduh/YubiKey-Guide#225
2020-12-24 21:08:41 +08:00
Zenithal
a24fa8f373
Add subsections on chained agent forwarding
2020-12-24 21:01:44 +08:00
Zenithal
7e49f5cc89
Add note on chained agent forwarding
2020-12-03 01:18:21 +08:00
Zenithal
52727f1e04
Correct WSL agent forwarding
...
This is a mix of two forwarding method,
this commit separates them
2020-12-03 01:16:47 +08:00
Zenithal
6097e6762c
Change note in alter agent section
...
Different methods have different requirements
2020-12-03 01:01:36 +08:00
Zenithal
0d06d2ace8
Add new method for ssh-agent forwarding
2020-12-03 00:52:43 +08:00
Zenithal
54f9e8a3f9
Add details to GPG-Agent forward; Alter structure
...
GPG Agent forwarding has a broader usage, not only
limited to ssh-agent forwarding.
In this commit gpg-agent forwarding is raised as a
separate section as it can not be contained by #SSH
any longer.
More details are added for gpg-agent forwarding, including
some important notes taken from practice and analysis.
For ssh-agent forward, older method are contained, and new
method will be included as framework has been structured.
2020-12-03 00:13:15 +08:00
Zenithal
410a1d6ac2
Change format of important notes in mutt subsection
2020-12-02 23:23:34 +08:00
Zenithal
083aa53cf0
Add Mutt subsection in Email section
2020-12-02 22:59:30 +08:00
Zenithal
0ea32bb949
Add Mutt in Email intro
2020-12-02 22:35:56 +08:00
drduh
fc6f9eb80d
Merge pull request #218 from DevSecNinja/devsecninja/addPowerShellCommand
...
Add PowerShell command to get YubiKey name
2020-11-21 10:59:23 -08:00
drduh
006ea19d04
Merge pull request #213 from linutsdc/fix-links
...
Fix links with parentheses
2020-11-21 10:48:00 -08:00
drduh
5c0bcd40a7
Merge pull request #211 from rgevaert/patch-1
...
unset GNUPGHOME variable
2020-11-21 10:45:59 -08:00
drduh
f2aeed1b55
Merge pull request #214 from anmull/debian-iso-version
...
Changes command to download Debian ISO to use the value in the SHA512SUMS file
2020-11-21 10:45:40 -08:00
Nemo
7067ba6c38
Fix reset command
...
gpg-connect-agent uses `-r/--run` not `-R`
2020-11-14 09:24:19 +00:00
Jean-Paul van Ravensberg
b1d3d279eb
Change edit to create or edit
...
As gpg-agent.conf didn't exist on my system
2020-10-31 11:29:35 +01:00
Jean-Paul van Ravensberg
fd4b6f3eb4
Add PowerShell command to get YubiKey name
2020-10-31 11:15:51 +01:00
Anthony Muller
70dc01467b
Update verification of Debian ISO to not hardcode the version.
2020-09-25 18:11:40 +00:00
Anthony Muller
967ca3cc52
Change Debian ISO url to be generated from the contents of SHA512SUM.
...
This removes the need to maintain the version number, which is currently
out of date.
2020-09-25 08:18:44 +00:00
andy
f0e877fe5f
Fix links with parentheses
2020-09-17 19:31:00 -04:00
dragon788
94a753d4a1
Merge branch 'master' into update-python-refs
2020-09-02 13:57:38 -05:00
Rudy Gevaert
547c1267bc
unset GNUPGHOME variable
...
if not done, in the next step you get error:
gpg: keyblock resource '/home/..../gnupg-workspace/pubring.kbx': No such file or directory
gpg: no writable keyring found: Not found
2020-09-01 14:20:32 +02:00
drduh
03f0e40558
Merge branch 'master' of https://github.com/Amolith/YubiKey-Guide into Amolith-master
2020-08-30 14:19:41 -07:00
Mirko Vogt
767b84eb3b
Add option to retrieve additionaly entropy from YubiKey itself
2020-08-29 16:24:34 +00:00
Amolith
0e7dabeeeb
change defaults and add info to #Require touch
...
As mentioned in #197 , the previous behaviour would require users to
touch their key any time an authentication, signing, or encryption
operation was performed. In some situations, this behaviour would be
undesirable and the only way to revert it would be fully resetting the
key and starting from scratch. Rather than using `fixed`, this commit
simply turns the feature `on` so the user can change it later if they
wish.
Additionally, a note about the other policies was included so users can
decide for themselves which fits their situation better.
2020-08-26 23:42:53 -04:00
dragon788
9bb54914b4
Merge branch 'master' into update-python-refs
2020-08-23 13:20:03 -05:00
drduh
697a7d8fb9
Merge pull request #203 from bengim/bengim-patch-PyOpenSSL
...
fixing wrong cryptography version
2020-08-22 14:19:45 -07:00
bengim
2187610c1d
Update README.md
...
fixing wrong cryptography version by explicitly installing PyOpenSSL
2020-08-22 19:33:38 +04:00
dragon788
58b7c819d7
Python2 is EOL, update packages/references to Py3
2020-08-21 17:55:28 -05:00
Stefano Figura
8a95de3e3f
Correct spelling
2020-08-14 00:12:06 +02:00
Stefano Figura
a2bc415f84
Update wording
...
Ensure that is clear that we do not need to modify keys or even plug the yubikey
2020-08-14 00:06:37 +02:00
Stefano Figura
8a08a8ac15
Update notation section
2020-08-13 23:51:42 +02:00
Stefano Figura
c9ea04db2c
Add notations section
2020-08-13 23:45:18 +02:00
b1f6c1c4
f6f2c26e90
Fix usage inconsistency
...
Master key shall only be used to certify other keys. The usage indicator in
README.md is inconsistently shown as SC and C.
2020-08-11 02:17:08 -04:00
Kenny MacDermid
78164e8bfd
Set touch policy to fixed.
...
Setting the touch policy to `on` does not prevent the policy from
later being turned off again. Setting it to `fixed` is more secure
because it can not be turned off.
If someone wants to disable the touch policy they can always restore
the keys from the backups created in the guide.
2020-05-27 16:39:29 -03:00
Sebastian Schmieschek
e1055025fe
Add information on potential PIN issues and how to debug them
...
I missed the error message when attempting to set a PIN of only 5 characters due
to the UI repeating the options below it.
Pinentry happily stores the bogus PIN and even counts down the retry counter
when entering the correct (default) one. This can be resolved by unblocking the
PIN.
Once I ran the gpg-agent with debug output (a tip found in the added link), the
issue was obvious.
2020-05-27 11:46:19 +01:00
drduh
ccb8b0130a
Stack rank secure environment and add a few tips
2020-05-25 12:49:07 -07:00
drduh
0bd52ed7d8
Merge pull request #185 from vald-phoenix/fix-borken-anchor
...
Fix broken anchor
2020-05-24 17:09:09 +00:00
Max Mäusezahl
1cf9656b33
Fix order of revocation command.
...
According to 'man gpg' the order of arguments should be
gpg [--homedir name] [--options file] [options] command [args]
In this case '--gen-revoke' is the command, '$KEYID' is an argument and
'--output $GNUPGHOME/revoke.asc' is an option. Previously this was
incorrect (option came first) and would spawn an error.
2020-05-24 17:53:56 +02:00
Mike Mazur
de13c8dba6
Include --expert when editing master key
...
This is specifically during setup when rotating keys.
2020-05-17 21:00:03 +08:00
Vladyslav Krylasov
4c1d538c60
Fix broken anchor
...
There are two anchors with the same name and this breaks navigation.
2020-05-04 19:19:02 +01:00
Jason Stelzer
aea317b527
Clarified wording
2020-05-04 08:28:23 -04:00
Jason Stelzer
07134a4e4f
GPG keys on multiple computers
...
I feel like this took me longer to figure out than it should have.
2020-05-04 08:22:14 -04:00
drduh
93cbbd9d8b
Address throw-keyids issue with mailvelope to fix #178
2020-05-03 14:18:29 -07:00
drduh
46d1d89115
Split export pubkey from backup to fix #175
2020-05-03 14:07:35 -07:00
drduh
bf38b94a65
Disambiguate backup volume label to fix #176 .
2020-05-03 13:45:58 -07:00
drduh
aad01ffde4
Merge pull request #180 from vald-phoenix/yubikey-reset-by-ykman
...
Describe ykman PGP keys reset
2020-05-03 18:12:47 +00:00
drduh
3be47a8c32
Merge pull request #179 from vald-phoenix/multiple-yubikeys
...
Describe card serial number error
2020-05-03 18:12:28 +00:00
drduh
a1a4a303f9
Merge pull request #177 from apiraino/revoke-cert
...
Add instructions to create a revoke certificate
2020-05-03 18:11:37 +00:00
drduh
afd3fafcc5
Merge pull request #170 from murphy83/Abort-Trick
...
Added some additonal text describing alternatives that may be used
2020-05-03 18:10:49 +00:00
Vladyslav Krylasov
44d76ac5ab
Describe card serial number error
2020-04-29 00:52:24 +01:00
Vladyslav Krylasov
6108558645
Describe ykman PGP keys reset
2020-04-28 21:28:44 +01:00
apiraino
2698cecd4c
Add instruction to create a revoke certificate
2020-04-28 16:19:18 +02:00
Daniel Sockwell
b5adb349ad
Add steps for renewing (not rotating) sub-keys
...
As discussed in issue #164 , the current section on Rotating Keys
presents two alternatives: replacing the existing keys with a newly
generated key or extending the validity of existing keys by changing
their expiration. However, it only provides instructions for the
first approach. This commit adds instructions for renewing sub-keys.
I am far from an expert, and am submitting this change mostly in hopes
that it will provide documentation for the next time I need to renew
my sub-keys. I would welcome any changes or clarifications others
would care to offer.
2020-03-24 12:42:42 -04:00
Murphy Laptop
db1d86cdd8
Added some additonal text describing alternatives that may be used
2020-03-02 21:18:56 +01:00
drduh
2c2cec316c
Bump Debian version, license year
2020-02-12 09:38:36 -08:00
drduh
2fc50760db
Merge pull request #160 from rvl/nixos
...
Add instructions for NixOS
2020-01-22 06:39:14 +00:00
drduh
51ed654e43
Merge pull request #159 from rvl/multiple-yubikeys
...
Add more detail about what to do with multiple YubiKeys
2020-01-22 06:39:08 +00:00
Rodney Lorrimar
bb5184a0b3
Add instructions for NixOS
...
I just tested these steps on a spare laptop.
2020-01-22 10:27:55 +10:00
Rodney Lorrimar
b45174f185
Add more detail about what to do with multiple YubiKeys
2020-01-22 09:40:34 +10:00
Rodney Lorrimar
6cd76216c5
Add information about setting the primary user ID
2020-01-22 09:12:17 +10:00
Andrea Scarpino
8f10cd5819
Fix gnupg package name for Arch
...
`gnupg2` has been [removed since March 2012](https://lists.archlinux.org/pipermail/arch-dev-public/2012-March/022690.html )
2020-01-21 12:01:27 +01:00
wsyxbcl
bb0a0d1ac8
fix broken links
2020-01-12 00:20:07 +08:00
Mark Fayngersh
e4a063e0f0
Update GitHub instructions on Windows
...
Add command to instruct Git to use WinGPG
2020-01-07 16:13:48 -05:00
drduh
1b5a2fefd8
Formatting cleanup
2019-12-30 15:36:11 -08:00
drduh
be7addad3c
Use larger partition sizes to fix #149 .
2019-12-30 15:22:39 -08:00
gusttt
908d3172a4
Fix typo in table of contents link
2019-12-16 15:05:46 +01:00
drduh
04127d566b
Document issue #145 and fix #142
2019-12-14 11:48:33 -08:00
drduh
11d6e1aff6
Fix url formatting
2019-11-19 17:28:45 -08:00
drduh
701d9eb50f
Update Debian version and fix #137
2019-11-19 17:24:57 -08:00
Maxim Baz
35e443f8cc
Mention yubikey-touch-detector
2019-11-17 20:42:04 +01:00
Emile 'iMil' Heitor
137300a713
Added a fix for failing ssh / GUI pinentry
2019-11-13 09:18:57 +01:00
Kiel C
010accf864
Add --keyserver flag pointing to Debian keyserver
...
Fixes #131
2019-11-07 13:29:39 -08:00
Sun Knudsen
4524c11632
Added important note about pin caching #135
2019-10-19 14:05:49 -04:00
Jakub Skory
5f150b68e2
More lines with old debian version corrected
2019-10-09 22:08:31 +02:00
Jakub Skory
754e480792
New Debian version: 10.1.0
...
Before curl returned http/404
2019-10-09 21:40:03 +02:00
Gary Johnson
13b9a92985
Update VM option
2019-09-27 02:26:44 -04:00
Gary Johnson
0f5df64094
Update README.md
...
Added primary source stating confirming that devices are read only in all but a few circumstances and that Keys ("secrets") cannot be read after being written to the device
2019-09-24 23:55:37 -04:00
drduh
541f8717e6
Merge pull request #126 from vorburger/patch-2
...
clarify that SSH_AUTH_SOCK should only be set locally, not on the remote server
2019-09-18 18:37:48 +00:00
Michael Vorburger ⛑️
42065a3b65
put additional information into single line
2019-09-17 20:12:16 +02:00
drduh
18320b0562
Merge pull request #128 from vorburger/patch-4
...
add 'sshd -eddd' Troubleshooting tip
2019-09-17 01:22:14 +00:00
drduh
57e712b830
Merge pull request #129 from vorburger/patch-5
...
fix link to YubiKey (non-NEO) Manager (fixes #124 )
2019-09-17 01:21:19 +00:00
drduh
877a4a7e99
Merge pull request #127 from vorburger/patch-3
...
simplify Agent Forwarding (RemoteForward typically not required)
2019-09-17 01:20:55 +00:00
Michael Vorburger ⛑️
8e8c138362
fix link to YubiKey (non-NEO) Manager ( fixes #124 )
2019-09-17 00:48:16 +02:00
Michael Vorburger ⛑️
ae35e707b6
add 'sshd -eddd' Troubleshooting tip
2019-09-17 00:35:26 +02:00
Michael Vorburger ⛑️
dd1a3ce4a8
simplify Agent Forwarding (RemoteForward typically not required)
2019-09-17 00:27:19 +02:00
Michael Vorburger ⛑️
de193ee363
clarify that SSH_AUTH_SOCK should only be set locally, not on the remote server
2019-09-16 23:59:50 +02:00
Michael Vorburger ⛑️
8ba087efe4
fix link to Remote Machines (Agent Forwarding) in TOC
2019-09-16 23:47:57 +02:00
drduh
5bbad1fc4c
Mention forwarding risk and Ubuntu multiverse repository, fix #116 .
2019-08-29 12:21:55 -07:00
Alex Romanov
e1d5e6fb9d
Fix typo from #122
2019-08-28 01:25:49 -07:00
Thomas A Caswell
f8880975b8
DOC: justify why you would want to sign your new key
2019-08-26 21:10:19 -04:00
Thomas A Caswell
5df1226971
DOC: notes an adding more emails
2019-08-23 12:57:08 -04:00
Thomas A Caswell
de7675f7a9
DOC: add section on signing with existing key
2019-08-23 12:54:28 -04:00
drduh
96c15ba3f3
Merge pull request #120 from timcooijmans/patch-1
...
Describe how to enable mailvelope on MacOS
2019-08-14 18:21:50 +00:00
Diego Rodriguez
3ae1656f5d
Update README.md
...
When adding GPG SSH agent configuration to shell rc file, redirect output of gpg-connect-agent to /dev/null so that it doesn't output `OK` every time you bring up a new shell
2019-08-12 13:46:11 -06:00
timcooijmans
2309e2903d
Fix formatting
2019-08-09 21:54:54 +02:00
timcooijmans
e7d2507c47
Add description on how to enable mailvelope
2019-08-09 21:51:40 +02:00
David C. Bradley
399127c43d
Move output option to earlier in command
...
The output option dosen't seem to work on Windows when it is at the end of the command. Moving it to earlier in the command fixes this issue.
2019-08-07 16:14:02 -05:00
Andrew Morgan
f36447a85b
State that set-touch
used to be touch
2019-08-02 18:24:43 +01:00
drduh
6482036e17
Bump debian version and fix some grammar.
2019-07-07 19:45:22 -07:00
Matthew Riley
fddefb5245
Fix 'Require Touch' syntax
...
The syntax to change Yubikey touch configurations has changed. Updating this accordingly.
2019-07-04 12:39:33 -04:00
drduh
48bf452e4b
Feature simpler multiple key workaround
2019-06-09 12:31:58 -07:00
drduh
09f3822a19
Link to multiple keys discussions. Fix #19 . Fix #112 .
2019-06-09 11:42:00 -07:00
Jakob Knutsen
1544d14689
Fix link to supply chain attacks
2019-06-09 12:11:52 +02:00
drduh
b745f1d90e
Add card reset steps, clean up formatting.
2019-06-02 10:32:16 -07:00
Benjamin BERNARD
46601736f6
Adding link to summary for 'Using multiple YubiKey with same GPG keys' section
2019-05-26 19:05:43 +02:00
Benjamin BERNARD
b101259a27
Multiple Yubikey with same GPG Keys, serial number issue, GnuPG workaround to switch to another key
2019-05-26 19:03:41 +02:00
drduh
1b9fc107c0
Fix date string format
2019-05-25 23:55:29 -07:00
Carl Dong
4552bb45e1
Correct date invocation
...
The correct syntax is `date +FORMAT`
2019-05-26 02:22:04 -04:00
drduh
04bef18b0c
Add section on key rotation to fix #101
2019-05-25 12:20:07 -07:00
drduh
7661d79b51
Mention Thunderbird, clean up agent forwarding. Fix #85 .
2019-05-19 12:35:02 -07:00
drduh
f8d6dec18f
Better openbsd backup instructions, slimmer TOC
2019-05-18 18:53:42 -07:00
drduh
bf05e0e7c4
Better backup and testing instructions
2019-05-18 17:47:13 -07:00
drduh
a6bc874713
Increment debian image version
2019-04-30 12:03:19 -07:00
Simon A
c5e1d96d84
fix(link): update links to latest version (old ones 404)
2019-04-25 17:53:55 +02:00
David Kane
5007059085
Fix link anchor issue
...
fix 'Save public key for identity file configuration' markdown link
fix 'Remote Machines (agent forwarding)' markdown link
2019-04-14 19:48:18 +01:00
Philipp Eckel
13c8fcf647
no need to support the monopoly
2019-03-19 00:30:03 +01:00
nixbitcoin
6d4035252a
Add Verify Yubikey section
2019-03-07 14:02:05 +01:00
Adam Uhlíř
3ed8f56557
Add hint for setting up gpg-agent socket
...
On my system (Linux Mint) `gpgconf --list-dirs agent-ssh-socket` does return all dirs and not only the one for agent-ssh-socket hence `ssh-add -L` was failing. This is a hint for other people to troubleshoot this behaviour.
2019-02-19 10:33:18 -08:00
Zachary Adam Kaplan
e4cb903ef4
debian iso has change from 9.6.0 -> 9.7.0
2019-02-15 16:23:29 -08:00
drduh
e05dc4b5bd
Update license and formatting
2019-02-06 20:25:04 -08:00
Michael Käufl
457e22d473
Move install instructions to the top
...
Section `Creating keys` ends with `Disable networking for the
remainder of the setup.`. All instructions that require a network
should be before this sentence.
2019-02-06 13:17:57 +01:00
drduh
303cb25d4d
Update license year, style and grammar
2019-02-02 21:25:21 -08:00
drduh
3f4480db25
Update openbsd instructions
2019-02-02 21:08:39 -08:00
drduh
381088ba79
Merge pull request #92 from tacaswell/doc_arch_install
...
DOC: add install instructions for Arch linux and RHEL
2019-02-03 03:57:33 +00:00
Thomas A Caswell
7dbc05977e
DOC: update for packages to install on RHEL
2019-02-02 22:15:41 -05:00
Thomas A Caswell
9e7a3225ae
DOC: add install instructions for Arch linux
2019-02-02 22:11:09 -05:00
Wael M. Nasreddine
7115f9a385
Master key should have Certify-capability only!
2019-02-02 09:48:59 -08:00
Michael
bba51c10cc
Fix typo
...
IdentityFiles can be passed to ssh via `-i`, not `-l`.
The next paragraph mentions the correct argument.
ref commit 52c8324fa2
,
part of PR drduh/YubiKey-Guide#65
2019-01-20 18:48:59 +00:00
drduh
8ea5900d4e
Style and console formatting, tips for multiple key use
2019-01-17 22:13:24 -08:00
wheest
ee71716ed7
Added pull request suggestions
2019-01-12 17:05:21 +00:00
Wheest
c28b33372c
Moved Agent Forwarding section to before the WSL one
2019-01-07 22:00:27 +00:00
Wheest
b44f6131ef
Further amendments to Agent Forwarding
2019-01-07 21:58:14 +00:00
Wheest
7eed0ccef8
Improvements to Agent Forwarding section, following feedback in:
...
https://github.com/drduh/YubiKey-Guide/issues/85
2019-01-07 21:38:46 +00:00
drduh
3a872d40fe
Fix keyserver command order to fix #86
2019-01-06 17:47:10 -08:00
Dan Cundiff
8f724a4df5
Add addition note about red hokey output
2019-01-06 19:35:03 -06:00
drduh
19b1297c22
Merge pull request #84 from hughobrien/mention-tmpfs
...
describe tmpfs clearing rather than init system (debian uses tmpfs)
2018-12-30 02:35:24 +00:00
drduh
3174935f99
Merge pull request #83 from hughobrien/gpg-conf-key-origin
...
remove broken gpg option (debian 9.6)
2018-12-30 02:34:25 +00:00
Hugh O'Brien
a6431962a6
remove broken gpg option (debian 9.6)
...
As per [0], the --with-key-origin option is experimental.
0: https://www.gnupg.org/documentation/manuals/gnupg/GPG-Input-and-Output.html#index-with_002dkey_002dorigin
2018-12-29 20:12:09 +00:00
Hugh O'Brien
0f6e9948d7
mention debian-live user/pass in case of screen lock
2018-12-29 20:08:48 +00:00
Hugh O'Brien
80d5c0ed6c
describe tmpfs clearing rather than init system (debian uses tmpfs)
2018-12-29 20:06:33 +00:00
drduh
94919459a6
Update gpg prefs, style and fix #21 .
2018-12-27 20:26:37 -08:00
Matt T. Proud
7746c3381a
Emphasize keytocard danger and fix inconsistency.
...
This commit applies a few editorial cleanups to the document:
1. `keytocard` operations now contained emphasized warnings to convey
that these operations are destructive. I unknowingly made this
mistake a few years ago and only learned of it recently. For that
reason, we should go out of our way on user's behalf with due
diligence warnings.
2. `$KEYID` was not uniformly used throughout the document in various
command line input literals. This is now fixed.
3. `YubiKey` was often represented as `Yubikey` and other
inconsistent forms throughout the document. This is now fixed,
except in cases of URL, command output, etc.
2018-12-07 09:50:30 +01:00
drduh
a68fa27309
Merge pull request #79 from Wheest/master
...
Agent Forwarding
2018-12-05 17:10:07 +00:00
Wheest
4e23c63bb4
Agent Forwarding
...
Was looking at how to access on remote machines, is a standard ssh workflow, but might be useful to have it here too.
2018-12-05 16:02:37 +00:00
Brice Gagnage
86e03e6d09
final draft
2018-12-04 15:11:13 +01:00
Brice Gagnage
ee30767612
final draft
2018-12-04 15:03:00 +01:00
Brice Gagnage
ffd7b674c8
updated draft
2018-12-04 13:16:18 +01:00
Brice Gagnage
95624e2c48
first draft
2018-12-04 11:39:25 +01:00
Brice Gagnage
1c15d89a54
maow
2018-12-03 17:28:34 +01:00
Brice Gagnage
92467bc126
test
2018-12-03 17:19:45 +01:00
Brice Gagnage
f39b92ae45
test sign
2018-12-03 17:17:09 +01:00
Brice Gagnage
2b5891294a
Update README.md
...
continuing
2018-12-03 15:00:04 +01:00
Brice Gagnage
afc8580b0d
Update README.md
...
test
2018-12-03 13:54:40 +01:00
drduh
d818b03cdc
Grammar and lint. Fix #73 .
2018-11-28 21:38:35 -08:00
Julian Hernandez
857adb26a2
Update live Debian version to 9.6.0
2018-11-28 22:54:41 -05:00
Dino Bajramovic
472d85d12b
fix typo
2018-11-05 20:49:48 +01:00
drduh
f1a97fc6d5
Note about gpg public key
2018-11-01 14:11:52 -07:00
loys ollivier
6f76e6a197
Update README.md
...
gpg option to edit card info is now `--card-edit` and not `--edit-card`
2018-10-29 11:59:29 +01:00
Ian Brown
d02766389d
Add packages to apt-get list to fix gpg --recv and srm commands
...
Two commands mentioned later in the document won't work without two packages that don't come pre-installed with the Debian LiveCD: dirmngr and secure-delete.
2018-10-16 21:00:48 -07:00
drduh
96af4d3b3b
Merge pull request #70 from jwilk-forks/gpg-verify
...
Fix live image integrity check
2018-09-18 19:40:19 -07:00
Jakub Wilk
d7a14b078c
Fix live image integrity check
...
"gpg SHA512SUMS.sign" would do the right thing only if the file actually
contained a detached signature.
Use explicit and robust "gpg --verify SHA512SUMS.sign SHA512SUMS"
instead.
2018-09-18 22:20:40 +02:00
Jakub Wilk
3be71bd253
Fix typos
2018-09-18 21:39:06 +02:00
drduh
27bef99239
Massive style revision and version update
2018-09-09 17:42:45 -07:00
Ben Low
34a5502477
typos
2018-07-19 12:55:33 +10:00
Ben Low
52c8324fa2
Expand on ssh identies usage.
2018-07-19 12:49:22 +10:00
Ben Low
aad57241e9
Fix key label, consistency.
2018-07-18 18:24:06 +10:00
Ben Low
b67776a2b2
Fix TOC, spelling.
2018-07-18 18:22:11 +10:00
Ben Low
d33252848d
Added information on gpg-agent
.
2018-07-18 18:03:06 +10:00
Jonah Aragon
840b4069f2
Fix "signingkey" typo
2018-07-15 18:43:48 -07:00
Vadim Zendejas
dad5bcd5fc
Added comment on GitHub Authetication for only Windows
2018-07-05 16:50:42 +02:00